From patchwork Tue Mar 10 15:31:13 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Taras Kondratiuk X-Patchwork-Id: 45596 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-we0-f198.google.com (mail-we0-f198.google.com [74.125.82.198]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id A26A6214BF for ; Tue, 10 Mar 2015 15:33:03 +0000 (UTC) Received: by wesu56 with SMTP id u56sf2060187wes.2 for ; Tue, 10 Mar 2015 08:33:02 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:cc:subject:precedence:list-id:list-unsubscribe :list-archive:list-post:list-help:list-subscribe:mime-version :content-type:content-transfer-encoding:errors-to:sender :x-original-sender:x-original-authentication-results:mailing-list; bh=HJmCpZA1eXslfb1kyoTvTH/uB+PI9aI/LjLmUe4QZTU=; b=gcPhTpZ15RtrjwLeefDdecar+evUrnhBSmqxV4TN5pgKqALmdpX6GSzEBBjCP/SOx5 HQ4QVOM+8WUZrMLWl2R2pY6EGmINYfBKimdswItifK6HkKzWPRdS+9pMuXFlTfsCSeoS jMBqDsNUH5LQRpOzSlmBdcdWx4HIxtNNFKUO2ht+uh5W+F/w1dh4H8ANuq2hf+loWZLg svSMZYk3IRLKcbTrL9V8PzQl35IW4m3T+7d9jdWJDILapTzxPgC8uv6Q2Bw78bIwBAXf qmbw7rcsLQMdrYCEWI45FxqMSfvQgVDonTUwWnlBZJnIlpIahvQ7hFiiKERLnf3Cl3Ru 7DnQ== X-Gm-Message-State: ALoCoQnnyPcAmluPEJveN6EC1H7BChoZljKutKaxdPARQIrl2gFp7ZNoeTI58GsFL16FcM9zJicM X-Received: by 10.180.150.115 with SMTP id uh19mr1700682wib.7.1426001582809; Tue, 10 Mar 2015 08:33:02 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.4.131 with SMTP id k3ls48333lak.21.gmail; Tue, 10 Mar 2015 08:33:02 -0700 (PDT) X-Received: by 10.152.4.136 with SMTP id k8mr30914328lak.103.1426001582619; Tue, 10 Mar 2015 08:33:02 -0700 (PDT) Received: from mail-la0-f53.google.com (mail-la0-f53.google.com. [209.85.215.53]) by mx.google.com with ESMTPS id la5si526562lac.112.2015.03.10.08.33.02 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Mar 2015 08:33:02 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.53 as permitted sender) client-ip=209.85.215.53; Received: by labgd6 with SMTP id gd6so2568260lab.3 for ; Tue, 10 Mar 2015 08:33:02 -0700 (PDT) X-Received: by 10.112.130.195 with SMTP id og3mr30456401lbb.112.1426001582470; Tue, 10 Mar 2015 08:33:02 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.35.133 with SMTP id h5csp2207356lbj; Tue, 10 Mar 2015 08:33:00 -0700 (PDT) X-Received: by 10.140.151.74 with SMTP id 71mr43106656qhx.15.1426001580300; Tue, 10 Mar 2015 08:33:00 -0700 (PDT) Received: from ip-10-35-177-41.ec2.internal (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTPS id d4si803625qcs.19.2015.03.10.08.32.59 (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 10 Mar 2015 08:33:00 -0700 (PDT) Received-SPF: none (google.com: lng-odp-bounces@lists.linaro.org does not designate permitted sender hosts) client-ip=54.225.227.206; Received: from localhost ([127.0.0.1] helo=ip-10-35-177-41.ec2.internal) by ip-10-35-177-41.ec2.internal with esmtp (Exim 4.76) (envelope-from ) id 1YVM9Q-00045h-M2; Tue, 10 Mar 2015 15:32:56 +0000 Received: from mail-la0-f49.google.com ([209.85.215.49]) by ip-10-35-177-41.ec2.internal with esmtp (Exim 4.76) (envelope-from ) id 1YVM8C-0003px-DX for lng-odp@lists.linaro.org; Tue, 10 Mar 2015 15:31:40 +0000 Received: by labge10 with SMTP id ge10so2516790lab.7 for ; Tue, 10 Mar 2015 08:31:34 -0700 (PDT) X-Received: by 10.112.110.231 with SMTP id id7mr31052718lbb.28.1426001494864; Tue, 10 Mar 2015 08:31:34 -0700 (PDT) Received: from uglx0153363.synapse.com ([195.238.92.128]) by mx.google.com with ESMTPSA id a2sm106609lbm.32.2015.03.10.08.31.33 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 10 Mar 2015 08:31:34 -0700 (PDT) From: Taras Kondratiuk To: lng-odp@lists.linaro.org Date: Tue, 10 Mar 2015 17:31:13 +0200 Message-Id: <1426001473-14618-16-git-send-email-taras.kondratiuk@linaro.org> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1426001473-14618-1-git-send-email-taras.kondratiuk@linaro.org> References: <1426001473-14618-1-git-send-email-taras.kondratiuk@linaro.org> X-Topics: crypto patch Cc: Taras Kondratiuk Subject: [lng-odp] [KEYSTONE2 PATCH 15/15] linux-ks2: crypto: update module X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Errors-To: lng-odp-bounces@lists.linaro.org Sender: lng-odp-bounces@lists.linaro.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: taras.kondratiuk@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.53 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 Signed-off-by: Taras Kondratiuk Signed-off-by: Taras Kondratiuk --- platform/linux-keystone2/Makefile.am | 3 +- platform/linux-keystone2/include/odp.h | 2 + platform/linux-keystone2/include/odp/crypto.h | 366 ++------------------- platform/linux-keystone2/include/odp/packet.h | 2 +- .../include/odp/plat/crypto_types.h | 90 +++++ .../linux-keystone2/include/odp_crypto_internal.h | 84 ----- platform/linux-keystone2/odp_crypto.c | 331 ++++++++----------- platform/linux-keystone2/odp_init.c | 4 +- 8 files changed, 267 insertions(+), 615 deletions(-) create mode 100644 platform/linux-keystone2/include/odp/plat/crypto_types.h delete mode 100644 platform/linux-keystone2/include/odp_crypto_internal.h diff --git a/platform/linux-keystone2/Makefile.am b/platform/linux-keystone2/Makefile.am index 38be9b6..806be89 100644 --- a/platform/linux-keystone2/Makefile.am +++ b/platform/linux-keystone2/Makefile.am @@ -60,6 +60,7 @@ odpplatincludedir = $(includedir)/odp/plat odpplatinclude_HEADERS = \ $(srcdir)/include/odp/plat/align.h \ $(srcdir)/include/odp/plat/buffer_types.h \ + $(srcdir)/include/odp/plat/crypto_types.h \ $(srcdir)/include/odp/plat/debug.h \ $(srcdir)/include/odp/plat/event_types.h \ $(srcdir)/include/odp/plat/mcsdk_tune.h \ @@ -75,7 +76,6 @@ odpplatinclude_HEADERS = \ $(linux_generic_srcdir)/include/odp/plat/byteorder_types.h \ $(linux_generic_srcdir)/include/odp/plat/classification_types.h \ $(linux_generic_srcdir)/include/odp/plat/cpumask_types.h \ - $(linux_generic_srcdir)/include/odp/plat/crypto_types.h \ $(linux_generic_srcdir)/include/odp/plat/schedule_types.h \ $(linux_generic_srcdir)/include/odp/plat/shared_memory_types.h \ $(linux_generic_srcdir)/include/odp/plat/strong_types.h \ @@ -138,6 +138,7 @@ __LIB__libodp_la_SOURCES = \ odp_packet.c \ odp_queue.c \ odp_packet_io.c \ + odp_crypto.c \ mcsdk/mcsdk_init.c \ mcsdk/mcsdk_navig.c \ mcsdk/mcsdk_rmclient.c \ diff --git a/platform/linux-keystone2/include/odp.h b/platform/linux-keystone2/include/odp.h index 57fb5bc..7704eda 100644 --- a/platform/linux-keystone2/include/odp.h +++ b/platform/linux-keystone2/include/odp.h @@ -41,6 +41,8 @@ extern "C" { #include #include #include +#include +#include #include #include #include diff --git a/platform/linux-keystone2/include/odp/crypto.h b/platform/linux-keystone2/include/odp/crypto.h index c61795e..b28c820 100644 --- a/platform/linux-keystone2/include/odp/crypto.h +++ b/platform/linux-keystone2/include/odp/crypto.h @@ -19,351 +19,33 @@ extern "C" { #endif -#include -#include -#include -#include -#include -#include - -/** Invalid session handle */ -#define ODP_CRYPTO_SESSION_INVALID NULL - -/** - * Crypto API opaque session handle - */ -typedef struct odp_crypto_session_s *odp_crypto_session_t; - -/** - * Crypto API operation mode - */ -enum odp_crypto_op_mode { - ODP_CRYPTO_SYNC, /**< Synchronous, return results immediately */ - ODP_CRYPTO_ASYNC, /**< Aynchronous, return results via posted event */ -}; - -/** - * Crypto API operation type - */ -enum odp_crypto_op { - ODP_CRYPTO_OP_ENCODE, /**< Encrypt and/or compute authentication ICV */ - ODP_CRYPTO_OP_DECODE /**< Decrypt and/or verify authentication ICV */ -}; - -/** - * Crypto API cipher algorithm - */ -enum odp_cipher_alg { - ODP_CIPHER_ALG_NULL = NWAL_SA_EALG_NULL, /**< No cipher */ - ODP_CIPHER_ALG_DES = NWAL_SA_EALG_DES_CBC, /**< DES cipher block chaining */ - ODP_CIPHER_ALG_3DES_CBC = NWAL_SA_EALG_3DES_CBC, /**< Triple DES cipher block chaining */ - ODP_CIPHER_ALG_AES_CBC = NWAL_SA_EALG_AES_CBC, /**< AES cipher block chaining */ - ODP_CIPHER_ALG_AES_CTR = NWAL_SA_EALG_AES_CTR, /**< AES counter */ - ODP_CIPHER_ALG_AES_CCM = NWAL_SA_EALG_AES_CCM, /**< AES counter with CBC-MAC */ - ODP_CIPHER_ALG_AES_GCM = NWAL_SA_EALG_AES_GCM, /**< AES galois counter */ -}; - -/** - * Crypto API authentication algorithm - */ -enum odp_auth_alg { - ODP_AUTH_ALG_NULL = NWAL_SA_AALG_NULL, /**< No authentication */ - ODP_AUTH_ALG_MD5_96 = NWAL_SA_AALG_HMAC_MD5, /**< HMAC-MD5 with 96 bit key */ - ODP_AUTH_ALG_SHA1 = NWAL_SA_AALG_HMAC_SHA1, /**< HMAC-SHA1 */ -}; - -/** - * Crypto API key structure - */ -typedef struct odp_crypto_key { - uint8_t *data; /**< Key data */ - uint32_t length; /**< Key length in bytes */ -} odp_crypto_key_t; - -/** - * Crypto API IV structure - */ -typedef struct odp_crypto_iv { - uint8_t *data; /**< IV data */ - uint32_t length; /**< IV length in bytes */ -} odp_crypto_iv_t; - -/** - * Crypto API data range specifier - */ -typedef struct odp_crypto_data_range { - uint32_t offset; /**< Offset from beginning of buffer (chain) */ - uint32_t length; /**< Length of data to operate on */ -} odp_crypto_data_range_t; - -/** - * Crypto API session creation paramters - * - * @todo Add "odp_session_proc_info_t" - */ -typedef struct odp_crypto_session_params { - enum odp_crypto_op op; /**< Encode versus decode */ - bool auth_cipher_text; /**< Authenticate/cipher ordering */ - enum odp_crypto_op_mode pref_mode; /**< Preferred sync vs async */ - enum odp_cipher_alg cipher_alg; /**< Cipher algorithm */ - odp_crypto_key_t cipher_key; /**< Cipher key */ - odp_crypto_iv_t iv; /**< Cipher Initialization Vector (IV) */ - enum odp_auth_alg auth_alg; /**< Authentication algorithm */ - odp_crypto_key_t auth_key; /**< Authentication key */ - odp_queue_t compl_queue; /**< Async mode completion event queue */ - odp_buffer_pool_t output_pool; /**< Output buffer pool */ -} odp_crypto_session_params_t; - -/** - * @var odp_crypto_session_params_t::auth_cipher_text - * - * Controls ordering of authentication and cipher operations, - * and is relative to the operation (encode vs decode). - * When encoding, @c TRUE indicates the authentication operation - * should be peformed @b after the cipher operation else before. - * When decoding, @c TRUE indicates the reverse order of operation. - * - * @var odp_crypto_session_params_t::compl_queue - * - * When the API operates asynchronously, the completion queue is - * used to return the completion status of the operation to the - * application. - * - * @var odp_crypto_session_params_t::output_pool - * - * When the output packet is not specified during the call to - * odp_crypto_operation, the output packet buffer will be allocated - * from this pool. - */ - -/** - * Crypto API per packet operation parameters - * - * @todo Clarify who zero's ICV and how this relates to "hash_result_offset" - */ -typedef struct odp_crypto_op_params { - odp_crypto_session_t session; /**< Session handle from creation */ - odp_packet_t pkt; /**< Input packet buffer */ - odp_packet_t out_pkt; /**< Output packet buffer */ - uint8_t *override_iv_ptr; /**< Override session IV pointer */ - uint32_t hash_result_offset; /**< Offset from start of packet buffer for hash result */ - odp_crypto_data_range_t cipher_range; /**< Data range to apply cipher */ - odp_crypto_data_range_t auth_range; /**< Data range to authenticate */ -} odp_crypto_op_params_t; - -/** - * @var odp_crypto_op_params_t::pkt - * Specifies the input packet buffer for the crypto operation. When the - * @c out_pkt variable is set to @c ODP_PACKET_INVALID (indicating a new - * buffer should be allocated for the resulting packet), the \#define TBD - * indicates whether the implementation will free the input packet buffer - * or if it becomes the responsibility of the caller. - * - * @var odp_crypto_op_params_t::out_pkt - * - * The API supports both "in place" (the original packet "pkt" is - * modified) and "copy" (the packet is replicated to a new buffer - * which contains the modified data). - * - * The "in place" mode of operation is indicated by setting @c out_pkt - * equal to @c pkt. For the copy mode of operation, setting @c out_pkt - * to a valid packet buffer value indicates the caller wishes to specify - * the destination buffer. Setting @c out_pkt to @c ODP_PACKET_INVALID - * indicates the caller wishes the destination packet buffer be allocated - * from the output pool specified during session creation. - * - * @sa odp_crypto_session_params_t::output_pool. - */ - -/** - * Crypto API session creation return code - */ -enum odp_crypto_ses_create_err { - ODP_CRYPTO_SES_CREATE_ERR_NONE, /**< Session created */ - ODP_CRYPTO_SES_CREATE_ERR_ENOMEM, /**< Creation failed, no resources */ - ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER, /**< Creation failed, bad cipher params */ - ODP_CRYPTO_SES_CREATE_ERR_INV_AUTH, /**< Creation failed, bad auth params */ -}; - -/** - * Crypto API algorithm return code - */ -enum crypto_alg_err { - ODP_CRYPTO_ALG_ERR_NONE, /**< Algorithm successful */ - ODP_CRYPTO_ALG_ERR_DATA_SIZE, /**< Invalid data block size */ - ODP_CRYPTO_ALG_ERR_KEY_SIZE, /**< Key size invalid for algorithm */ - ODP_CRYPTO_ALG_ERR_ICV_CHECK, /**< Computed ICV value mismatch */ -}; - -/** - * Crypto API hardware centric return code - */ -enum crypto_hw_err { - ODP_CRYPTO_HW_ERR_NONE, /**< Operation completed successfully */ - ODP_CRYPTO_HW_ERR_DMA, /**< Error detected during DMA of data */ - ODP_CRYPTO_HW_ERR_BP_DEPLETED, /**< Operation failed due to buffer pool depletion */ -}; - -/** - * Cryto API per packet operation completion status - */ -typedef struct odp_crypto_compl_status { - enum crypto_alg_err alg_err; /**< Algorithm specific return code */ - enum crypto_hw_err hw_err; /**< Hardware specific return code */ -} odp_crypto_compl_status_t; - - -/** - * Crypto session creation (synchronous) - * - * @param params Session parameters - * @param session Created session else ODP_CRYPTO_SESSION_INVALID - * @param status Failure code if unsuccessful - * - * @return 0 if successful else -1 - */ -int -odp_crypto_session_create(odp_crypto_session_params_t *params, - odp_crypto_session_t *session, - enum odp_crypto_ses_create_err *status); - -/** - * Crypto session destroy (synchronous) - * - * @param session Session handle to destroy - * - * @return 0 if successful else -1 - */ -int odp_crypto_session_destroy(odp_crypto_session_t session); - -/** - * Crypto session creation (asynchronous) - * - * Initiate crypto session creation. Results are delivered using - * the completion event via the completion queue. - * - * @param params Session parameters - * @param completion_event Event by which the session creation results are - * delivered. - * @param completion_queue Queue by which the completion event will be - * delivered. - * - * @return 0 if successful else -1 - * - */ -int -odp_crypto_session_create_async(odp_crypto_session_params_t *params, - odp_buffer_t completion_event, - odp_queue_t completion_queue); - - -/** - * Crypto session creation completion status - * - * Accessor function for obtaining creation status from the completion event. - * - * @param completion_event Event containing operation results - * @param status Pointer to store creation return code - */ -void -odp_crypto_get_ses_create_compl_status(odp_buffer_t completion_event, - enum odp_crypto_ses_create_err *status); - -/** - * Crypto session creation completion return value - * - * Accessor function for obtaining handle for newly created session. - * - * @param completion_event Event containing operation results - * @param session Pointer to store session handle - */ -void -odp_crypto_get_ses_create_compl_session(odp_buffer_t completion_event, - odp_crypto_session_t *session); - -/** - * Crypto per packet operation - * - * Performs the cryptographic operations specified during session creation - * on the packet. If the operation is performed synchronously, "posted" - * will return FALSE and the result of the operation is immediately available - * in the completion event. If "posted" returns TRUE the result will be - * delivered via the completion queue specified when the session was created. - * - * @todo Resolve if completion_event is necessary, can/should the output - * packet buffer always be used instead. - * - * @param params Operation parameters - * @param posted Pointer to return posted, TRUE for async operation - * @param completion_event Event by which the operation results are delivered. - * - * @return 0 if successful else -1 - */ -int -odp_crypto_operation(odp_crypto_op_params_t *params, - bool *posted, - odp_buffer_t completion_event); - -/** - * Crypto per packet operation set user context in completion event - * - * @param completion_event Event containing operation results - * @param ctx User data - */ -void -odp_crypto_set_operation_compl_ctx(odp_buffer_t completion_event, - void *ctx); - -/** - * Crypto per packet operation completion status - * - * Accessor function for obtaining operation status from the completion event. - * - * @param completion_event Event containing operation results - * @param auth Pointer to store authentication results - * @param cipher Pointer to store cipher results - */ -void -odp_crypto_get_operation_compl_status(odp_buffer_t completion_event, - odp_crypto_compl_status_t *auth, - odp_crypto_compl_status_t *cipher); +#include +#include +#include +#include +#include + +#include + +static inline +void odp_crypto_compl_free(odp_crypto_compl_t completion_event ODP_UNUSED) +{ + /* Completion event is a packet itself, so nothing to be done. */ +} -/** - * Crypto per packet operation query completed operation packet - * - * Accessor function for obtaining current packet buffer, can be - * different from input packet buffer on some systems - * - * @param completion_event Event containing operation results - * - * @return Packet structure where data now resides - */ -odp_packet_t -odp_crypto_get_operation_compl_packet(odp_buffer_t completion_event); +static inline +odp_crypto_compl_t odp_crypto_compl_from_event(odp_event_t ev) +{ + return (odp_crypto_compl_t)ev; +} -/** - * Crypto per packet operation query user context in completion event - * - * @param completion_event Event containing operation results - * - * @return User data - */ -void * -odp_crypto_get_operation_compl_ctx(odp_buffer_t completion_event); +static inline +odp_event_t odp_crypto_compl_to_event(odp_crypto_compl_t completion) +{ + return (odp_event_t)completion; +} -/** - * Generate random byte string - * - * @param buf Pointer to store result - * @param len Pointer to input length value as well as return value - * @param use_entropy Use entropy - * - * @todo Define the implication of the use_entropy parameter - * - * @return 0 if succesful - */ -int -odp_hw_random_get(uint8_t *buf, size_t *len, bool use_entropy); +#include #ifdef __cplusplus } diff --git a/platform/linux-keystone2/include/odp/packet.h b/platform/linux-keystone2/include/odp/packet.h index 1104006..4001a93 100644 --- a/platform/linux-keystone2/include/odp/packet.h +++ b/platform/linux-keystone2/include/odp/packet.h @@ -121,12 +121,12 @@ typedef struct odp_pkthdr { uint16_t l3_offset; /**< offset to L3 hdr, e.g. IPv4, IPv6 */ uint16_t l4_offset; /**< offset to L4 hdr (TCP, UDP, SCTP, also ICMP) */ - odp_pktio_t input; struct { int16_t saved_buf_offset; uint32_t hash_offset; + void *op_context; union { struct { } enc; diff --git a/platform/linux-keystone2/include/odp/plat/crypto_types.h b/platform/linux-keystone2/include/odp/plat/crypto_types.h new file mode 100644 index 0000000..a5a84f2 --- /dev/null +++ b/platform/linux-keystone2/include/odp/plat/crypto_types.h @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2014, Linaro Limited + * Copyright (c) 2014, Texas Instruments Incorporated + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/** + * @file + * + * ODP crypto types + */ + +#ifndef ODP_PLAT_CRYPTO_TYPES_H_ +#define ODP_PLAT_CRYPTO_TYPES_H_ + +#include +#include +#include + +/** @addtogroup odp_crypto + * @{ + */ + +typedef odp_handle_t odp_crypto_compl_t; +#define ODP_CRYPTO_COMPL_INVALID ((odp_crypto_compl_t)0) + +typedef struct odp_crypto_session_s *odp_crypto_session_t; +#define ODP_CRYPTO_SESSION_INVALID ((odp_crypto_session_t)NULL) + +enum odp_crypto_op_mode { + ODP_CRYPTO_SYNC, + ODP_CRYPTO_ASYNC, +}; + +enum odp_crypto_op { + ODP_CRYPTO_OP_ENCODE, + ODP_CRYPTO_OP_DECODE, +}; + +enum odp_cipher_alg { + ODP_CIPHER_ALG_NULL = NWAL_SA_EALG_NULL, /**< No cipher */ + ODP_CIPHER_ALG_DES = NWAL_SA_EALG_DES_CBC, /**< DES cipher block chaining */ + ODP_CIPHER_ALG_3DES_CBC = NWAL_SA_EALG_3DES_CBC, /**< Triple DES cipher block chaining */ + ODP_CIPHER_ALG_AES_CBC = NWAL_SA_EALG_AES_CBC, /**< AES cipher block chaining */ + ODP_CIPHER_ALG_AES_CTR = NWAL_SA_EALG_AES_CTR, /**< AES counter */ + ODP_CIPHER_ALG_AES_CCM = NWAL_SA_EALG_AES_CCM, /**< AES counter with CBC-MAC */ + ODP_CIPHER_ALG_AES_GCM = NWAL_SA_EALG_AES_GCM, /**< AES galois counter */ +}; + +enum odp_auth_alg { + ODP_AUTH_ALG_NULL = NWAL_SA_AALG_NULL, /**< No authentication */ + ODP_AUTH_ALG_MD5_96 = NWAL_SA_AALG_HMAC_MD5, /**< HMAC-MD5 with 96 bit key */ + ODP_AUTH_ALG_SHA1 = NWAL_SA_AALG_HMAC_SHA1, /**< HMAC-SHA1 */ +}; + +enum odp_crypto_ses_create_err { + ODP_CRYPTO_SES_CREATE_ERR_NONE, + ODP_CRYPTO_SES_CREATE_ERR_ENOMEM, + ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER, + ODP_CRYPTO_SES_CREATE_ERR_INV_AUTH, +}; + +enum crypto_alg_err { + ODP_CRYPTO_ALG_ERR_NONE, + ODP_CRYPTO_ALG_ERR_DATA_SIZE, + ODP_CRYPTO_ALG_ERR_KEY_SIZE, + ODP_CRYPTO_ALG_ERR_ICV_CHECK, +}; + +enum crypto_hw_err { + ODP_CRYPTO_HW_ERR_NONE, + ODP_CRYPTO_HW_ERR_DMA, + ODP_CRYPTO_HW_ERR_BP_DEPLETED, +}; + +/** Get printable format of odp_crypto_session_t */ +static inline uint64_t odp_crypto_session_to_u64(odp_crypto_session_t hdl) +{ + return _odp_pri(hdl); +} + +/** Get printable format of odp_crypto_compl_t_t */ +static inline uint64_t odp_crypto_compl_to_u64(odp_crypto_compl_t hdl) +{ + return _odp_pri(hdl); +} + +#endif diff --git a/platform/linux-keystone2/include/odp_crypto_internal.h b/platform/linux-keystone2/include/odp_crypto_internal.h deleted file mode 100644 index 17756fd..0000000 --- a/platform/linux-keystone2/include/odp_crypto_internal.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 2014, Linaro Limited - * Copyright (c) 2014, Texas Instruments Incorporated - * All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef ODP_CRYPTO_INTERNAL_H_ -#define ODP_CRYPTO_INTERNAL_H_ - -#ifdef __cplusplus -extern "C" { -#endif - -#include -#include - -#define OP_RESULT_MAGIC 0x91919191 - -/** Forward declaration of session structure */ -struct odp_crypto_session_s; - -/** - * Algorithm handler function prototype - */ -typedef -enum crypto_alg_err (*crypto_func_t)(struct odp_crypto_op_params *params, - struct odp_crypto_session_s *session); - -#define ODP_CRYPTO_MAX_IV_LENGTH 32 - -struct iv_full { - uint8_t data[ODP_CRYPTO_MAX_IV_LENGTH]; - size_t length; -}; - - -/** - * Per crypto session data structure - */ -struct odp_crypto_session_s { - nwal_Handle dm_handle; - nwalTxDmPSCmdInfo_t dm_ps_cmdinfo; - odp_buffer_pool_t out_pool; - uint32_t out_flow_id; - odp_queue_t compl_queue; - struct { - enum odp_cipher_alg alg; - struct iv_full iv; - } cipher; - - struct { - enum odp_auth_alg alg; - struct iv_full iv; - uint32_t tag_len; - } auth; - - uint32_t index; - enum odp_crypto_op op; -}; - -/** - * Per packet operation result - */ -struct odp_operation_result_s { - uint32_t magic; - struct odp_crypto_compl_status cipher; - struct odp_crypto_compl_status auth; -}; - -/** - * Per session creation operation result - */ -struct odp_session_result_s { - enum odp_crypto_ses_create_err rc; - odp_crypto_session_t session; -}; - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/platform/linux-keystone2/odp_crypto.c b/platform/linux-keystone2/odp_crypto.c index 4214d08..1c1868d 100644 --- a/platform/linux-keystone2/odp_crypto.c +++ b/platform/linux-keystone2/odp_crypto.c @@ -6,22 +6,57 @@ * SPDX-License-Identifier: BSD-3-Clause */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + #include -#include -#include +#include +#include #include -#include +#include + +#define ODP_CRYPTO_MAX_IV_LENGTH 32 + +struct iv_full { + uint8_t data[ODP_CRYPTO_MAX_IV_LENGTH]; + size_t length; +}; + +/** + * Per crypto session data structure + */ +struct odp_crypto_session_s { + nwal_Handle dm_handle; + nwalTxDmPSCmdInfo_t dm_ps_cmdinfo; + odp_pool_t out_pool; + int32_t out_flow_id; + odp_queue_t compl_queue; + struct { + enum odp_cipher_alg alg; + struct iv_full iv; + } cipher; + + struct { + enum odp_auth_alg alg; + struct iv_full iv; + uint32_t tag_len; + } auth; + + uint32_t index; + enum odp_crypto_op op; +}; #define MAX_SESSIONS 32 @@ -38,6 +73,7 @@ static struct odp_crypto_session_s *alloc_session(void) uint32_t idx; struct odp_crypto_session_s *session = NULL; + /** @todo: improve allocation */ idx = odp_atomic_fetch_inc_u32(&global->next); if (idx < global->max) { session = &global->sessions[idx]; @@ -75,8 +111,6 @@ int odp_crypto_session_create(odp_crypto_session_params_t *params, { nwal_RetValue nwal_ret; nwalCreateDmSAParams_t sa_params; - nwalMbufPool_t rx_pool; - Cppi_FlowHnd out_flow; struct odp_crypto_session_s *session; ODP_ASSERT((params->cipher_alg != ODP_CIPHER_ALG_NULL || @@ -115,33 +149,22 @@ int odp_crypto_session_create(odp_crypto_session_params_t *params, *status = ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER; return -1; } - memcpy(session->cipher.iv.data, params->iv.data, params->iv.length); - /** @todo: need separate IV for Auth */ - memcpy(session->auth.iv.data, params->iv.data, params->iv.length); + if (params->iv.data) { + memcpy(session->cipher.iv.data, params->iv.data, + params->iv.length); + /** @todo: need separate IV for Auth */ + memcpy(session->auth.iv.data, params->iv.data, + params->iv.length); + } session->compl_queue = params->compl_queue; session->out_pool = params->output_pool; - - rx_pool.numBufPools = 1; - rx_pool.bufPool[0].heapHandle = session->out_pool; - rx_pool.bufPool[0].bufSize = - Pktlib_getMaxBufferSize(session->out_pool); - rx_pool.bufPool[0].descSize = TUNE_NETAPI_DESC_SIZE; - - nwal_ret = nwal_SetupFlow(odp_global->nwal.handle, - &rx_pool, - 0, /* buffer header travels via SA, so no offset */ - odp_local.nwal.cfg.rxPktTailRoomSz, - &out_flow, - nwal_FALSE); - - if (nwal_ret != nwal_OK) { - *status = ODP_CRYPTO_SES_CREATE_ERR_ENOMEM; + session->out_flow_id = _odp_pool_cppi_flow_id(session->out_pool); + if (session->out_flow_id < 0) { + ODP_ERR("couldn't get pool flow id\n"); return -1; } - session->out_flow_id = Cppi_getFlowId(out_flow); - memset(&sa_params, 0, sizeof(nwalCreateDmSAParams_t)); sa_params.dmSaParam.dmChnType = (params->op == ODP_CRYPTO_OP_DECODE) ? @@ -246,134 +269,61 @@ static inline int hash_compare_be32(const uint32_t *orig, const uint32be_t *sa, * * @return offset value */ -static inline int16_t odp_crypto_buffer_preprocess(odp_buffer_t buf) +static inline int16_t odp_crypto_packet_preprocess(odp_packet_t pkt) { struct odp_pkthdr *hdr; int16_t offset; Cppi_HostDesc *desc; - uint32_t packet_length; - desc = _odp_buf_to_cppi_desc(buf); - hdr = odp_packet_hdr(odp_packet_from_buffer(buf)); - offset = desc->buffPtr - desc->origBuffPtr; + desc = _odp_pkt_to_cppi_desc(pkt); + hdr = _odp_pkt_hdr(pkt); + offset = _cppi_desc_buf_vptr(desc) - _cppi_desc_orig_vptr(desc); hdr->crypto.saved_buf_offset = offset; - odp_pr_dbg("buffPtr: 0x%08x, buffLen: 0x%x, offset: %x\n", - desc->buffPtr, desc->buffLen, offset); - desc->buffPtr -= offset; - desc->buffLen += offset; - packet_length = odp_packet_get_len(odp_packet_from_buffer(buf)); - odp_packet_set_len(odp_packet_from_buffer(buf), - packet_length + offset); - odp_pr_vdbg_packet(odp_packet_from_buffer(buf)); - return offset; -} - -/** - * Restore bufPtr after SA operation - * - * @return offset value - */ -static inline void odp_crypto_buffer_postprocess(odp_buffer_t buf, - enum crypto_alg_err *alg_err) -{ - Cppi_HostDesc *desc; - int16_t offset; - uint8_t *auth_tag = NULL; - uint32_t auth_tag_len = 0; - struct odp_pkthdr *hdr; - struct odp_crypto_session_s *session; - Ti_Pkt *pkt; - uint32_t packet_length; - nwal_Bool_t result; - enum crypto_alg_err auth_err = ODP_CRYPTO_ALG_ERR_NONE; - - odp_pr_vdbg_packet(odp_packet_from_buffer(buf)); - hdr = odp_packet_hdr(odp_packet_from_buffer(buf)); - offset = hdr->crypto.saved_buf_offset; - if (offset == ODP_CRYPTO_BUFFER_PROCESSED_OFFSET) { - /* Buffer already post-processed */ - return; - } - ODP_ASSERT(offset >= 0, "Wrong saved buffer offset\n"); - - hdr->crypto.saved_buf_offset = ODP_CRYPTO_BUFFER_PROCESSED_OFFSET; - pkt = _odp_buf_to_ti_pkt(buf); - desc = _odp_buf_to_cppi_desc(buf); - - odp_pr_dbg("buffPtr: 0x%08x, buffLen: 0x%x, offset: %x\n", + odp_pr_dbg("buffPtr: 0x%08x, buffLen: 0x%x, offset: 0x%x\n", desc->buffPtr, desc->buffLen, offset); - desc->buffPtr += offset; - desc->buffLen -= offset; - packet_length = odp_packet_get_len(odp_packet_from_buffer(buf)); - odp_packet_set_len(odp_packet_from_buffer(buf), - packet_length - offset); - - result = nwal_mGetAppidFmPkt(pkt, (nwal_AppId *)&session); - ODP_ASSERT(result == nwal_TRUE, "Can't get crypto session context\n"); - odp_pr_dbg("Session addr: %p\n", session); - - nwal_mmGetDmAuthTag(pkt, &auth_tag, &auth_tag_len); - - ODP_ASSERT(session->auth.tag_len <= auth_tag_len, - "Auth tag length from SA is bigger than ICV length"); - ODP_ASSERT(!((uintptr_t)auth_tag & 0x3), - "Auth tag is not 4 bytes aligned"); - - if (session->op == ODP_CRYPTO_OP_ENCODE) { - /* Copy hash to packet */ - uint8_t *data = odp_buffer_addr(buf); - data += hdr->crypto.hash_offset; - hash_copy_be32(data, (uint32be_t *)(void *)auth_tag, - session->auth.tag_len); - } else if (hash_compare_be32(hdr->crypto.dec.hash_tag, - (uint32be_t *)(void *)auth_tag, - session->auth.tag_len)) { - odp_pr_dbg("ICV is wrong\n"); - odp_pr_dbg_mem(hdr->crypto.dec.hash_tag, session->auth.tag_len, - "Saved auth tag"); - odp_pr_dbg_mem(auth_tag, session->auth.tag_len, - "Decoded auth tag"); - auth_err = ODP_CRYPTO_ALG_ERR_ICV_CHECK; - } - if (alg_err) - *alg_err = auth_err; - return; + _cppi_desc_shift_vptr(desc, -offset); + odp_pr_vdbg_packet(pkt); + return offset; } int odp_crypto_operation(odp_crypto_op_params_t *params, - bool *posted, - odp_buffer_t completion_event ODP_UNUSED) + odp_bool_t *posted, + odp_crypto_op_result_t *result ODP_UNUSED) { nwalTxDmPSCmdInfo_t *dm_cmd_info; Cppi_HostDesc *desc; struct odp_crypto_session_s *session; - odp_buffer_t buf = odp_packet_to_buffer(params->pkt); - struct odp_pkthdr *hdr = odp_packet_hdr(params->pkt); + odp_packet_t pkt = params->pkt; + struct odp_pkthdr *hdr = _odp_pkt_hdr(pkt); uint32_t offset; uint8_t *data; session = (struct odp_crypto_session_s *)(intptr_t)params->session; - /* Out packet is allocated from out poll and can't be specified */ - if (params->out_pkt != ODP_PACKET_INVALID) + if (params->out_pkt != ODP_PACKET_INVALID) { + ODP_ERR("Out packet is allocated from out poll so can't be specified\n"); return -1; + } dm_cmd_info = &session->dm_ps_cmdinfo; dm_cmd_info->rxSbSaQ = _odp_queue_to_qmss_queue(session->compl_queue); dm_cmd_info->rxPktFlowId = session->out_flow_id; /* Save hash tag for decode operation and fill hash result with 0's*/ - data = odp_packet_addr(params->pkt); + data = odp_packet_data(pkt); data += params->hash_result_offset; hdr->crypto.hash_offset = params->hash_result_offset; - if (session->op == ODP_CRYPTO_OP_DECODE) + hdr->crypto.op_context = params->ctx; + if (session->op == ODP_CRYPTO_OP_DECODE) { memcpy(hdr->crypto.dec.hash_tag, data, session->auth.tag_len); - memset(data, 0, session->auth.tag_len); + memset(data, 0, session->auth.tag_len); + } - offset = odp_crypto_buffer_preprocess(buf); + offset = odp_crypto_packet_preprocess(pkt); + desc = _odp_pkt_to_cppi_desc(pkt); - nwal_mCmdDMUpdate(_odp_buf_to_ti_pkt(buf), + nwal_mCmdDMUpdate(Pktlib_getPacketFromDesc(desc), dm_cmd_info, nwal_HANDLE_INVALID, params->cipher_range.offset + offset, @@ -387,7 +337,6 @@ int odp_crypto_operation(odp_crypto_op_params_t *params, 0, /** @todo: Should be aadSize from session? */ NULL); - desc = _odp_buf_to_cppi_desc(buf); desc = Osal_qmssConvertDescVirtToPhy(0, desc); Qmss_queuePushDescSizeRaw(dm_cmd_info->txQueue, @@ -421,81 +370,93 @@ int odp_crypto_init_global(void) return 0; } -int odp_hw_random_get(uint8_t *buf, uint32_t *len, bool use_entropy ODP_UNUSED) +ssize_t odp_random_data(uint8_t *buf, ssize_t size, + odp_bool_t use_entropy ODP_UNUSED) { Sa_RngData_t random; uint8_t *random_buf; - uint32_t length = *len; + uint32_t length = size; uint32_t i; nwal_RetValue ret; ret = nwal_getSARandomNum(odp_global->nwal.handle, &random); - if (ret != nwal_OK) { - *len = 0; + if (ret != nwal_OK) return -1; - } + random_buf = (uint8_t *)&random; if (length > sizeof(Sa_RngData_t)) length = sizeof(Sa_RngData_t); for (i = 0; i < length; i++) *buf++ = *random_buf++; - *len = length; - - return 0; + return length; } -void -odp_crypto_get_operation_compl_status(odp_buffer_t completion_event, - struct odp_crypto_compl_status *auth, - struct odp_crypto_compl_status *cipher) -{ - auth->hw_err = ODP_CRYPTO_HW_ERR_NONE; - auth->alg_err = ODP_CRYPTO_ALG_ERR_NONE; - cipher->hw_err = ODP_CRYPTO_HW_ERR_NONE; - cipher->alg_err = ODP_CRYPTO_ALG_ERR_NONE; - odp_crypto_buffer_postprocess(completion_event, &auth->alg_err); +void odp_crypto_compl_result(odp_crypto_compl_t compl, + odp_crypto_op_result_t *result) +{ + result->ctx = NULL; + Cppi_HostDesc *desc; + int16_t offset; + uint8_t *auth_tag = NULL; + uint32_t auth_tag_len = 0; + struct odp_pkthdr *hdr; + struct odp_crypto_session_s *session; + Ti_Pkt *ti_pkt; + nwal_Bool_t nwal_result; + odp_packet_t pkt = _odp_ev_to_pkt(odp_crypto_compl_to_event(compl)); - return; -} + odp_pr_vdbg_packet(pkt); + hdr = _odp_pkt_hdr(pkt); + offset = hdr->crypto.saved_buf_offset; + if (odp_unlikely(offset == ODP_CRYPTO_BUFFER_PROCESSED_OFFSET)) { + /* Buffer already post-processed */ + return; + } + ODP_ASSERT(offset >= 0, "Wrong saved buffer offset\n"); -odp_packet_t -odp_crypto_get_operation_compl_packet(odp_buffer_t completion_event) -{ - odp_crypto_buffer_postprocess(completion_event, NULL); - return odp_packet_from_buffer(completion_event); -} + hdr->crypto.saved_buf_offset = ODP_CRYPTO_BUFFER_PROCESSED_OFFSET; + desc = _odp_pkt_to_cppi_desc(pkt); + ti_pkt = Pktlib_getPacketFromDesc(desc); + odp_pr_dbg("buffPtr: 0x%08x, buffLen: 0x%x, offset: 0x%x\n", + desc->buffPtr, desc->buffLen, offset); + _cppi_desc_shift_vptr(desc, offset); -void *odp_crypto_get_operation_compl_ctx(odp_buffer_t completion) -{ - (void)completion; - ODP_UNIMPLEMENTED(); - return NULL; -} + nwal_result = nwal_mGetAppidFmPkt(ti_pkt, (nwal_AppId *)&session); + ODP_ASSERT(nwal_result == nwal_TRUE, + "Can't get crypto session context\n"); + odp_pr_dbg("Session addr: %p\n", session); -void odp_crypto_set_operation_compl_ctx(odp_buffer_t completion_event, - void *ctx) -{ - (void)completion_event; - (void)ctx; - ODP_UNIMPLEMENTED(); -} + nwal_mmGetDmAuthTag(ti_pkt, &auth_tag, &auth_tag_len); -void odp_crypto_get_ses_create_compl_status(odp_buffer_t completion_event, - enum odp_crypto_ses_create_err *status) -{ - struct odp_session_result_s *result; + ODP_ASSERT(session->auth.tag_len <= auth_tag_len, + "Auth tag length from SA is bigger than ICV length"); + ODP_ASSERT(!((uintptr_t)auth_tag & 0x3), + "Auth tag is not 4 bytes aligned"); - result = odp_buffer_addr(completion_event); - *status = result->rc; -} + if (session->op == ODP_CRYPTO_OP_ENCODE) { + /* Copy hash to packet */ + uint8_t *data = odp_packet_data(pkt); + data += hdr->crypto.hash_offset; + hash_copy_be32(data, (uint32be_t *)(void *)auth_tag, + session->auth.tag_len); + } else if (hash_compare_be32(hdr->crypto.dec.hash_tag, + (uint32be_t *)(void *)auth_tag, + session->auth.tag_len)) { + odp_pr_dbg("ICV is wrong\n"); + odp_pr_dbg_mem(hdr->crypto.dec.hash_tag, session->auth.tag_len, + "Saved auth tag"); + odp_pr_dbg_mem(auth_tag, session->auth.tag_len, + "Decoded auth tag"); + result->auth_status.alg_err = ODP_CRYPTO_ALG_ERR_ICV_CHECK; + result->ok = 0; + return; + } -void odp_crypto_get_ses_create_compl_session(odp_buffer_t completion_event, - odp_crypto_session_t *session) -{ - struct odp_session_result_s *result; + result->ok = 1; + result->ctx = hdr->crypto.op_context; + result->pkt = pkt; - result = odp_buffer_addr(completion_event); - *session = result->session; + return; } diff --git a/platform/linux-keystone2/odp_init.c b/platform/linux-keystone2/odp_init.c index 6d78324..9c113c0 100644 --- a/platform/linux-keystone2/odp_init.c +++ b/platform/linux-keystone2/odp_init.c @@ -64,12 +64,12 @@ int odp_init_global(odp_init_t *params ODP_UNUSED, odp_pr_err("ODP packet io init failed.\n"); return -1; } -#if 0 + if (odp_crypto_init_global()) { odp_pr_err("ODP crypto init failed.\n"); return -1; } - +#if 0 if (odp_timer_init_global()) { odp_pr_err("ODP timer init failed.\n"); return -1;