xref: /freebsd/sys/dev/qat/qat_api/common/crypto/sym/include/lac_session.h (revision 71625ec9ad2a9bc8c09784fbd23b759830e0ee5f)
1 /* SPDX-License-Identifier: BSD-3-Clause */
2 /* Copyright(c) 2007-2022 Intel Corporation */
3 
4 /**
5  *****************************************************************************
6  * @file lac_session.h
7  *
8  * @defgroup LacSym_Session Session
9  *
10  * @ingroup LacSym
11  *
12  * Definition of symmetric session descriptor structure
13  *
14  * @lld_start
15  *
16  * @lld_overview
17  * A session is required for each symmetric operation. The session descriptor
18  * holds information about the session from when the session is initialised to
19  * when the session is removed. The session descriptor is used in the
20  * subsequent perform operations in the paths for both sending the request and
21  * receiving the response. The session descriptor and any other state
22  * information required for processing responses from the QAT are stored in an
23  * internal cookie. A pointer to this cookie is stored in the opaque data
24  * field of the QAT request.
25  *
26  * The user allocates the memory for the session using the size returned from
27  * \ref cpaCySymSessionCtxGetSize(). Internally this memory is re-aligned on a
28  * 64 byte boundary for use by the QAT engine. The aligned pointer is saved in
29  * the first bytes (size of void *) of the session memory. This address
30  * is then dereferenced in subsequent performs to get access to the session
31  * descriptor.
32  *
33  * <b>LAC Session Init</b>\n The session descriptor is re-aligned and
34  * populated. This includes populating the content descriptor which contains
35  * the hardware setup for the QAT engine. The content descriptor is a read
36  * only structure after session init and a pointer to it is sent to the QAT
37  * for each perform operation.
38  *
39  * <b>LAC Perform </b>\n
40  * The address for the session descriptor is got by dereferencing the first
41  * bytes of the session memory (size of void *). For each successful
42  * request put on the ring, the pendingCbCount for the session is incremented.
43  *
44  * <b>LAC Callback </b>\n
45  * For each successful response the pendingCbCount for the session is
46  * decremented. See \ref LacSymCb_ProcessCallbackInternal()
47  *
48  * <b>LAC Session Remove </b>\n
49  * The address for the session descriptor is got by dereferencing the first
50  * bytes of the session memory (size of void *).
51  * The pendingCbCount for the session is checked to see if it is 0. If it is
52  * non 0 then there are requests in flight. An error is returned to the user.
53  *
54  * <b>Concurrency</b>\n
55  * A reference count is used to prevent the descriptor being removed
56  * while there are requests in flight.
57  *
58  * <b>Reference Count</b>\n
59  * - The perform funcion increments the reference count for the session.
60  * - The callback function decrements the reference count for the session.
61  * - The Remove function checks the reference count to ensure that it is 0.
62  *
63  * @lld_dependencies
64  * - \ref LacMem "Memory" - Inline memory functions
65  * - QatUtils: logging, locking & virt to phys translations.
66  *
67  * @lld_initialisation
68  *
69  * @lld_module_algorithms
70  *
71  * @lld_process_context
72  *
73  * @lld_end
74  *
75  *****************************************************************************/
76 
77 /***************************************************************************/
78 
79 #ifndef LAC_SYM_SESSION_H
80 #define LAC_SYM_SESSION_H
81 
82 /*
83  * Common alignment attributes to ensure
84  * hashStatePrefixBuffer is 64-byte aligned
85  */
86 #define ALIGN_START(x)
87 #define ALIGN_END(x) __attribute__((__aligned__(x)))
88 /*
89 ******************************************************************************
90 * Include public/global header files
91 ******************************************************************************
92 */
93 
94 #include "cpa.h"
95 #include "icp_accel_devices.h"
96 #include "lac_list.h"
97 #include "lac_sal_types.h"
98 #include "sal_qat_cmn_msg.h"
99 #include "lac_sym_cipher_defs.h"
100 #include "lac_sym.h"
101 #include "lac_sym_hash_defs.h"
102 #include "lac_sym_qat_hash.h"
103 
104 /*
105 *******************************************************************************
106 * Include private header files
107 *******************************************************************************
108 */
109 /**
110 *****************************************************************************
111 * @ingroup LacSym
112 *      Spc state
113 *
114 * @description
115 *      This enum is used to indicate the Spc state.
116 *
117 *****************************************************************************/
118 typedef enum lac_single_pass_state_e {
119 	NON_SPC,    /* Algorithms other than CHACHA-POLY and AES-GCM */
120 	LIKELY_SPC, /* AES-GCM - Likely to handle it as single pass  */
121 	SPC	    /* CHACHA-POLY and AES-GCM */
122 } lac_single_pass_state_t;
123 
124 /**
125 *******************************************************************************
126 * @ingroup LacSym_Session
127 *      Symmetric session descriptor
128 * @description
129 *      This structure stores information about a session
130 *      Note: struct types lac_session_d1_s and lac_session_d2_s are subsets of
131 *      this structure. Elements in all three should retain the same order
132 *      Only this structure is used in the session init call. The other two are
133 *      for determining the size of memory to allocate.
134 *      The comments section of each of the other two structures below show
135 *      the conditions that determine which session context memory size to use.
136 *****************************************************************************/
137 typedef struct lac_session_desc_s {
138 	Cpa8U contentDescriptor[LAC_SYM_QAT_CONTENT_DESC_MAX_SIZE];
139 	/**< QAT Content Descriptor for this session.
140 	 * NOTE: Field must be correctly aligned in memory for access by QAT
141 	 * engine
142 	 */
143 	Cpa8U contentDescriptorOptimised[LAC_SYM_OPTIMISED_CD_SIZE];
144 	/**< QAT Optimised Content Descriptor for this session.
145 	 * NOTE: Field must be correctly aligned in memory for access by QAT
146 	 * engine
147 	 */
148 	CpaCySymOp symOperation;
149 	/**< type of command to be performed */
150 	sal_qat_content_desc_info_t contentDescInfo;
151 	/**< info on the content descriptor */
152 	sal_qat_content_desc_info_t contentDescOptimisedInfo;
153 	/**< info on the optimised content descriptor */
154 	icp_qat_fw_la_cmd_id_t laCmdId;
155 	/**<Command Id for the QAT FW */
156 	lac_sym_qat_hash_state_buffer_info_t hashStateBufferInfo;
157 	/**< info on the hash state prefix buffer */
158 	CpaCySymHashAlgorithm hashAlgorithm;
159 	/**< hash algorithm */
160 	Cpa32U authKeyLenInBytes;
161 	/**< Authentication key length in bytes */
162 	CpaCySymHashMode hashMode;
163 	/**< Mode of the hash operation. plain, auth or nested */
164 	Cpa32U hashResultSize;
165 	/**< size of the digest produced/compared in bytes */
166 	CpaCySymCipherAlgorithm cipherAlgorithm;
167 	/**< Cipher algorithm and mode */
168 	Cpa32U cipherKeyLenInBytes;
169 	/**< Cipher key length in bytes */
170 	CpaCySymCipherDirection cipherDirection;
171 	/**< This parameter determines if the cipher operation is an encrypt or
172 	 * a decrypt operation. */
173 	CpaCySymPacketType partialState;
174 	/**< state of the partial packet. This can be written to by the perform
175 	 * because the SpinLock pPartialInFlightSpinlock guarantees that the
176 	 * state is accessible in only one place at a time. */
177 	icp_qat_la_bulk_req_hdr_t reqCacheHdr;
178 	icp_qat_fw_la_key_gen_common_t reqCacheMid;
179 	icp_qat_la_bulk_req_ftr_t reqCacheFtr;
180 	/**< Cache as much as possible of the bulk request in a pre built
181 	 * request (header, mid & footer). */
182 	CpaCySymCbFunc pSymCb;
183 	/**< symmetric function callback pointer */
184 	union {
185 		QatUtilsAtomic pendingCbCount;
186 		/**< Keeps track of number of pending requests.  */
187 		QatUtilsAtomic pendingDpCbCount;
188 		/**< Keeps track of number of pending DP requests (not thread
189 		 * safe)*/
190 	} u;
191 	struct lac_sym_bulk_cookie_s *pRequestQueueHead;
192 	/**< A fifo list of queued QAT requests. Head points to first queue
193 	 * entry */
194 	struct lac_sym_bulk_cookie_s *pRequestQueueTail;
195 	/**< A fifo list of queued QAT requests. Tail points to last queue entry
196 	 */
197 	struct mtx requestQueueLock;
198 	/**< A lock to protect accesses to the above request queue  */
199 	CpaInstanceHandle pInstance;
200 	/**< Pointer to Crypto instance running this session. */
201 	CpaBoolean isAuthEncryptOp : 1;
202 	/**< if the algorithm chaining operation is auth encrypt */
203 	CpaBoolean nonBlockingOpsInProgress : 1;
204 	/**< Flag is set if a non blocking operation is in progress for a
205 	 * session.
206 	 * If set to false, new requests will be queued until the condition is
207 	 * cleared.
208 	 * ASSUMPTION: Only one blocking condition per session can exist at any
209 	 * time
210 	 */
211 	CpaBoolean internalSession : 1;
212 	/**< Flag which is set if the session was set up internally for DRBG */
213 	CpaBoolean isDPSession : 1;
214 	/**< Flag which is set if the session was set up for Data Plane */
215 	CpaBoolean digestVerify : 1;
216 	/**< Session digest verify for data plane and for CCM/GCM for trad
217 	 * api. For other cases on trad api this flag is set in each performOp
218 	 */
219 	CpaBoolean digestIsAppended : 1;
220 	/**< Flag indicating whether the digest is appended immediately
221 	 * following
222 	 * the region over which the digest is computed */
223 	CpaBoolean isCipher : 1;
224 	/**< Flag indicating whether symOperation includes a cipher operation */
225 	CpaBoolean isAuth : 1;
226 	/**< Flag indicating whether symOperation includes an auth operation */
227 	CpaBoolean useSymConstantsTable : 1;
228 	/**< Flag indicating whether the SymConstantsTable can be used or not */
229 	CpaBoolean useOptimisedContentDesc : 1;
230 	/**< Flag indicating whether to use the optimised CD or not */
231 	CpaBoolean isPartialSupported : 1;
232 	/**< Flag indicating whether symOperation support partial packet */
233 	CpaBoolean useStatefulSha3ContentDesc : 1;
234 	/**< Flag indicating whether to use the stateful SHA3 CD or not */
235 	icp_qat_la_bulk_req_hdr_t shramReqCacheHdr;
236 	icp_qat_fw_la_key_gen_common_t shramReqCacheMid;
237 	icp_qat_la_bulk_req_ftr_t shramReqCacheFtr;
238 	/**< Alternative pre-built request (header, mid & footer)
239 	 * for use with symConstantsTable. */
240 	lac_single_pass_state_t singlePassState;
241 	/**< Flag indicating whether symOperation support single pass */
242 	icp_qat_fw_serv_specif_flags laCmdFlags;
243 	/**< Common request - Service specific flags type  */
244 	icp_qat_fw_comn_flags cmnRequestFlags;
245 	/**< Common request flags type  */
246 	icp_qat_fw_ext_serv_specif_flags laExtCmdFlags;
247 	/**< Common request - Service specific flags type  */
248 	icp_qat_la_bulk_req_hdr_t reqSpcCacheHdr;
249 	icp_qat_la_bulk_req_ftr_t reqSpcCacheFtr;
250 	/**< request (header & footer)for use with Single Pass. */
251 	icp_qat_hw_auth_mode_t qatHashMode;
252 	/**< Hash Mode for the qat slices. Not to be confused with QA-API
253 	 * hashMode
254 	 */
255 	Cpa32U cipherSliceType;
256 	/**< Cipher slice type to be used, set at init session time */
257 	Cpa8U cipherAesXtsKey1Forward[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
258 	/**< Cached AES XTS Forward key
259 	 * For CPM2.0 AES XTS key convertion need to be done in SW.
260 	 * Because use can update session direction at any time,
261 	 * also forward key needs to be cached
262 	 */
263 	Cpa8U cipherAesXtsKey1Reverse[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
264 	/**< AES XTS Reverse key
265 	 * For CPM2.0 AES XTS key convertion need to be done in SW.
266 	 * Reverse key always will be calcilated at session setup time and
267 	 * cached to be used when needed */
268 	Cpa8U cipherAesXtsKey2[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
269 	/**< For AES XTS session need to store Key2 value in order to generate
270 	 * tweak
271 	 */
272 	void *writeRingMsgFunc;
273 	/**< function which will be called to write ring message */
274 	Cpa32U aadLenInBytes;
275 	/**< For CCM,GCM and Snow3G cases, this parameter holds the AAD size,
276 	 * otherwise it is set to zero */
277 	ALIGN_START(64)
278 	Cpa8U hashStatePrefixBuffer[LAC_MAX_AAD_SIZE_BYTES] ALIGN_END(64);
279 	/**< hash state prefix buffer used for hash operations - AAD only
280 	 * NOTE: Field must be correctly aligned in memory for access by QAT
281 	 * engine
282 	 */
283 	Cpa8U hashStatePrefixBufferExt[LAC_MAX_HASH_STATE_BUFFER_SIZE_BYTES -
284 				       LAC_MAX_AAD_SIZE_BYTES];
285 	/**< hash state prefix buffer used for hash operations - Remainder of
286 	 * array.
287 	 * NOTE: Field must be correctly aligned in memory for access by QAT
288 	 * engine
289 	 */
290 	Cpa8U cipherPartialOpState[LAC_CIPHER_STATE_SIZE_MAX];
291 	/**< Buffer to hold the cipher state for the session (for partial ops).
292 	 * NOTE: Field must be correctly aligned in memory for access by QAT
293 	 * engine
294 	 */
295 	Cpa8U cipherARC4InitialState[LAC_CIPHER_ARC4_STATE_LEN_BYTES];
296 	/**< Buffer to hold the initial ARC4 cipher state for the session, which
297 	 * is derived from the user-supplied base key during session
298 	 * registration.
299 	 * NOTE: Field must be correctly aligned in memory for access by QAT
300 	 * engine
301 	 */
302 	CpaPhysicalAddr cipherARC4InitialStatePhysAddr;
303 	/**< The physical address of the ARC4 initial state, set at init
304 	** session time .
305 	*/
306 } lac_session_desc_t;
307 
308 /**
309 *******************************************************************************
310 * @ingroup LacSym_Session
311 *      Symmetric session descriptor - d1
312 * @description
313 *      This structure stores information about a specific session which
314 *       assumes the following:
315 *      - cipher algorithm is not ARC4 or Snow3G
316 *      - partials not used
317 *      - not AuthEncrypt operation
318 *      - hash mode not Auth or Nested
319 *      - no hashStatePrefixBuffer required
320 *      It is therefore a subset of the standard symmetric session descriptor,
321 *       with a smaller memory footprint
322 *****************************************************************************/
323 typedef struct lac_session_desc_d1_s {
324 	Cpa8U contentDescriptor[LAC_SYM_QAT_CONTENT_DESC_MAX_SIZE];
325 	/**< QAT Content Descriptor for this session.
326 	 * NOTE: Field must be correctly aligned in memory for access by QAT
327 	 * engine
328 	 */
329 	Cpa8U contentDescriptorOptimised[LAC_SYM_OPTIMISED_CD_SIZE];
330 	/**< QAT Optimised Content Descriptor for this session.
331 	 * NOTE: Field must be correctly aligned in memory for access by QAT
332 	 * engine
333 	 */
334 	CpaCySymOp symOperation;
335 	/**< type of command to be performed */
336 	sal_qat_content_desc_info_t contentDescInfo;
337 	/**< info on the content descriptor */
338 	sal_qat_content_desc_info_t contentDescOptimisedInfo;
339 	/**< info on the optimised content descriptor */
340 	icp_qat_fw_la_cmd_id_t laCmdId;
341 	/**<Command Id for the QAT FW */
342 	lac_sym_qat_hash_state_buffer_info_t hashStateBufferInfo;
343 	/**< info on the hash state prefix buffer */
344 	CpaCySymHashAlgorithm hashAlgorithm;
345 	/**< hash algorithm */
346 	Cpa32U authKeyLenInBytes;
347 	/**< Authentication key length in bytes */
348 	CpaCySymHashMode hashMode;
349 	/**< Mode of the hash operation. plain, auth or nested */
350 	Cpa32U hashResultSize;
351 	/**< size of the digest produced/compared in bytes */
352 	CpaCySymCipherAlgorithm cipherAlgorithm;
353 	/**< Cipher algorithm and mode */
354 	Cpa32U cipherKeyLenInBytes;
355 	/**< Cipher key length in bytes */
356 	CpaCySymCipherDirection cipherDirection;
357 	/**< This parameter determines if the cipher operation is an encrypt or
358 	 * a decrypt operation. */
359 	CpaCySymPacketType partialState;
360 	/**< state of the partial packet. This can be written to by the perform
361 	 * because the SpinLock pPartialInFlightSpinlock guarantees that the
362 	 * state is accessible in only one place at a time. */
363 	icp_qat_la_bulk_req_hdr_t reqCacheHdr;
364 	icp_qat_fw_la_key_gen_common_t reqCacheMid;
365 	icp_qat_la_bulk_req_ftr_t reqCacheFtr;
366 	/**< Cache as much as possible of the bulk request in a pre built
367 	 * request (header, mid & footer). */
368 	CpaCySymCbFunc pSymCb;
369 	/**< symmetric function callback pointer */
370 	union {
371 		QatUtilsAtomic pendingCbCount;
372 		/**< Keeps track of number of pending requests.  */
373 		Cpa64U pendingDpCbCount;
374 		/**< Keeps track of number of pending DP requests (not thread
375 		 * safe)*/
376 	} u;
377 	struct lac_sym_bulk_cookie_s *pRequestQueueHead;
378 	/**< A fifo list of queued QAT requests. Head points to first queue
379 	 * entry */
380 	struct lac_sym_bulk_cookie_s *pRequestQueueTail;
381 	/**< A fifo list of queued QAT requests. Tail points to last queue entry
382 	 */
383 	struct mtx requestQueueLock;
384 	/**< A lock to protect accesses to the above request queue  */
385 	CpaInstanceHandle pInstance;
386 	/**< Pointer to Crypto instance running this session. */
387 	CpaBoolean isAuthEncryptOp : 1;
388 	/**< if the algorithm chaining operation is auth encrypt */
389 	CpaBoolean nonBlockingOpsInProgress : 1;
390 	/**< Flag is set if a non blocking operation is in progress for a
391 	 * session.
392 	 * If set to false, new requests will be queued until the condition is
393 	 * cleared.
394 	 * ASSUMPTION: Only one blocking condition per session can exist at any
395 	 * time
396 	 */
397 	CpaBoolean internalSession : 1;
398 	/**< Flag which is set if the session was set up internally for DRBG */
399 	CpaBoolean isDPSession : 1;
400 	/**< Flag which is set if the session was set up for Data Plane */
401 	CpaBoolean digestVerify : 1;
402 	/**< Session digest verify for data plane and for CCM/GCM for trad
403 	 * api. For other cases on trad api this flag is set in each performOp
404 	 */
405 	CpaBoolean digestIsAppended : 1;
406 	/**< Flag indicating whether the digest is appended immediately
407 	 * following
408 	 * the region over which the digest is computed */
409 	CpaBoolean isCipher : 1;
410 	/**< Flag indicating whether symOperation includes a cipher operation */
411 	CpaBoolean isAuth : 1;
412 	/**< Flag indicating whether symOperation includes an auth operation */
413 	CpaBoolean useSymConstantsTable : 1;
414 	/**< Flag indicating whether the SymConstantsTable can be used or not */
415 	CpaBoolean useOptimisedContentDesc : 1;
416 	/**< Flag indicating whether to use the optimised CD or not */
417 	CpaBoolean isPartialSupported : 1;
418 	/**< Flag indicating whether symOperation support partial packet */
419 	CpaBoolean useStatefulSha3ContentDesc : 1;
420 	/**< Flag indicating whether to use the stateful SHA3 CD or not */
421 	icp_qat_la_bulk_req_hdr_t shramReqCacheHdr;
422 	icp_qat_fw_la_key_gen_common_t shramReqCacheMid;
423 	icp_qat_la_bulk_req_ftr_t shramReqCacheFtr;
424 	/**< Alternative pre-built request (header, mid & footer)
425 	 * for use with symConstantsTable. */
426 	lac_single_pass_state_t singlePassState;
427 	/**< Flag indicating whether symOperation support single pass */
428 	icp_qat_fw_serv_specif_flags laCmdFlags;
429 	/**< Common request - Service specific flags type  */
430 	icp_qat_fw_comn_flags cmnRequestFlags;
431 	/**< Common request flags type  */
432 	icp_qat_fw_ext_serv_specif_flags laExtCmdFlags;
433 	/**< Common request - Service specific flags type  */
434 	icp_qat_la_bulk_req_hdr_t reqSpcCacheHdr;
435 	icp_qat_la_bulk_req_ftr_t reqSpcCacheFtr;
436 	/**< request (header & footer)for use with Single Pass. */
437 	icp_qat_hw_auth_mode_t qatHashMode;
438 	/**< Hash Mode for the qat slices. Not to be confused with QA-API
439 	 * hashMode
440 	 */
441 	Cpa32U cipherSliceType;
442 	/**< Cipher slice type to be used, set at init session time */
443 	Cpa8U cipherAesXtsKey1Forward[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
444 	/**< Cached AES XTS Forward key
445 	 * For CPM2.0 AES XTS key convertion need to be done in SW.
446 	 * Because use can update session direction at any time,
447 	 * also forward key needs to be cached
448 	 */
449 	Cpa8U cipherAesXtsKey1Reverse[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
450 	/**< AES XTS Reverse key
451 	 * For CPM2.0 AES XTS key convertion need to be done in SW.
452 	 * Reverse key always will be calcilated at session setup time and
453 	 * cached to be used when needed */
454 	Cpa8U cipherAesXtsKey2[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
455 	/**< For AES XTS session need to store Key2 value in order to generate
456 	 * tweak
457 	 */
458 	void *writeRingMsgFunc;
459 	/**< function which will be called to write ring message */
460 } lac_session_desc_d1_t;
461 
462 /**
463 *******************************************************************************
464 * @ingroup LacSym_Session
465 *      Symmetric session descriptor - d2
466 * @description
467 *      This structure stores information about a specific session which
468 *       assumes the following:
469 *      - authEncrypt only
470 *      - partials not used
471 *      - hasStatePrefixBuffer just contains AAD
472 *      It is therefore a subset of the standard symmetric session descriptor,
473 *       with a smaller memory footprint
474 *****************************************************************************/
475 typedef struct lac_session_desc_d2_s {
476 	Cpa8U contentDescriptor[LAC_SYM_QAT_CONTENT_DESC_MAX_SIZE];
477 	/**< QAT Content Descriptor for this session.
478 	 * NOTE: Field must be correctly aligned in memory for access by QAT
479 	 * engine
480 	 */
481 	Cpa8U contentDescriptorOptimised[LAC_SYM_OPTIMISED_CD_SIZE];
482 	/**< QAT Optimised Content Descriptor for this session.
483 	 * NOTE: Field must be correctly aligned in memory for access by QAT
484 	 * engine
485 	 */
486 	CpaCySymOp symOperation;
487 	/**< type of command to be performed */
488 	sal_qat_content_desc_info_t contentDescInfo;
489 	/**< info on the content descriptor */
490 	sal_qat_content_desc_info_t contentDescOptimisedInfo;
491 	/**< info on the optimised content descriptor */
492 	icp_qat_fw_la_cmd_id_t laCmdId;
493 	/**<Command Id for the QAT FW */
494 	lac_sym_qat_hash_state_buffer_info_t hashStateBufferInfo;
495 	/**< info on the hash state prefix buffer */
496 	CpaCySymHashAlgorithm hashAlgorithm;
497 	/**< hash algorithm */
498 	Cpa32U authKeyLenInBytes;
499 	/**< Authentication key length in bytes */
500 	CpaCySymHashMode hashMode;
501 	/**< Mode of the hash operation. plain, auth or nested */
502 	Cpa32U hashResultSize;
503 	/**< size of the digest produced/compared in bytes */
504 	CpaCySymCipherAlgorithm cipherAlgorithm;
505 	/**< Cipher algorithm and mode */
506 	Cpa32U cipherKeyLenInBytes;
507 	/**< Cipher key length in bytes */
508 	CpaCySymCipherDirection cipherDirection;
509 	/**< This parameter determines if the cipher operation is an encrypt or
510 	 * a decrypt operation. */
511 	CpaCySymPacketType partialState;
512 	/**< state of the partial packet. This can be written to by the perform
513 	 * because the SpinLock pPartialInFlightSpinlock guarantees that the
514 	 * state is accessible in only one place at a time. */
515 	icp_qat_la_bulk_req_hdr_t reqCacheHdr;
516 	icp_qat_fw_la_key_gen_common_t reqCacheMid;
517 	icp_qat_la_bulk_req_ftr_t reqCacheFtr;
518 	/**< Cache as much as possible of the bulk request in a pre built
519 	 * request (header. mid & footer). */
520 	CpaCySymCbFunc pSymCb;
521 	/**< symmetric function callback pointer */
522 	union {
523 		QatUtilsAtomic pendingCbCount;
524 		/**< Keeps track of number of pending requests.  */
525 		Cpa64U pendingDpCbCount;
526 		/**< Keeps track of number of pending DP requests (not thread
527 		 * safe)*/
528 	} u;
529 	struct lac_sym_bulk_cookie_s *pRequestQueueHead;
530 	/**< A fifo list of queued QAT requests. Head points to first queue
531 	 * entry */
532 	struct lac_sym_bulk_cookie_s *pRequestQueueTail;
533 	/**< A fifo list of queued QAT requests. Tail points to last queue entry
534 	 */
535 	struct mtx requestQueueLock;
536 	/**< A lock to protect accesses to the above request queue  */
537 	CpaInstanceHandle pInstance;
538 	/**< Pointer to Crypto instance running this session. */
539 	CpaBoolean isAuthEncryptOp : 1;
540 	/**< if the algorithm chaining operation is auth encrypt */
541 	CpaBoolean nonBlockingOpsInProgress : 1;
542 	/**< Flag is set if a non blocking operation is in progress for a
543 	 * session.
544 	 * If set to false, new requests will be queued until the condition is
545 	 * cleared.
546 	 * ASSUMPTION: Only one blocking condition per session can exist at any
547 	 * time
548 	 */
549 	CpaBoolean internalSession : 1;
550 	/**< Flag which is set if the session was set up internally for DRBG */
551 	CpaBoolean isDPSession : 1;
552 	/**< Flag which is set if the session was set up for Data Plane */
553 	CpaBoolean digestVerify : 1;
554 	/**< Session digest verify for data plane and for CCM/GCM for trad
555 	 * api. For other cases on trad api this flag is set in each performOp
556 	 */
557 	CpaBoolean digestIsAppended : 1;
558 	/**< Flag indicating whether the digest is appended immediately
559 	 * following
560 	 * the region over which the digest is computed */
561 	CpaBoolean isCipher : 1;
562 	/**< Flag indicating whether symOperation includes a cipher operation */
563 	CpaBoolean isAuth : 1;
564 	/**< Flag indicating whether symOperation includes an auth operation */
565 	CpaBoolean useSymConstantsTable : 1;
566 	/**< Flag indicating whether the SymConstantsTable can be used or not */
567 	CpaBoolean useOptimisedContentDesc : 1;
568 	/**< Flag indicating whether to use the optimised CD or not */
569 	CpaBoolean isPartialSupported : 1;
570 	/**< Flag indicating whether symOperation support partial packet */
571 	CpaBoolean useStatefulSha3ContentDesc : 1;
572 	/**< Flag indicating whether to use the stateful SHA3 CD or not */
573 	icp_qat_la_bulk_req_hdr_t shramReqCacheHdr;
574 	icp_qat_fw_la_key_gen_common_t shramReqCacheMid;
575 	icp_qat_la_bulk_req_ftr_t shramReqCacheFtr;
576 	/**< Alternative pre-built request (header. mid & footer)
577 	 * for use with symConstantsTable. */
578 	lac_single_pass_state_t singlePassState;
579 	/**< Flag indicating whether symOperation support single pass */
580 	icp_qat_fw_serv_specif_flags laCmdFlags;
581 	/**< Common request - Service specific flags type  */
582 	icp_qat_fw_comn_flags cmnRequestFlags;
583 	/**< Common request flags type  */
584 	icp_qat_fw_ext_serv_specif_flags laExtCmdFlags;
585 	/**< Common request - Service specific flags type  */
586 	icp_qat_la_bulk_req_hdr_t reqSpcCacheHdr;
587 	icp_qat_la_bulk_req_ftr_t reqSpcCacheFtr;
588 	/**< request (header & footer)for use with Single Pass. */
589 	icp_qat_hw_auth_mode_t qatHashMode;
590 	/**< Hash Mode for the qat slices. Not to be confused with QA-API
591 	 * hashMode
592 	 */
593 	Cpa32U cipherSliceType;
594 	/**< Cipher slice type to be used, set at init session time */
595 	Cpa8U cipherAesXtsKey1Forward[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
596 	/**< Cached AES XTS Forward key
597 	 * For CPM2.0 AES XTS key convertion need to be done in SW.
598 	 * Because use can update session direction at any time,
599 	 * also forward key needs to be cached
600 	 */
601 	Cpa8U cipherAesXtsKey1Reverse[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
602 	/**< AES XTS Reverse key
603 	 * For CPM2.0 AES XTS key convertion need to be done in SW.
604 	 * Reverse key always will be calcilated at session setup time and
605 	 * cached to be used when needed */
606 	Cpa8U cipherAesXtsKey2[LAC_CIPHER_AES_XTS_KEY_MAX_LENGTH];
607 	/**< For AES XTS session need to store Key2 value in order to generate
608 	 * tweak
609 	 */
610 	void *writeRingMsgFunc;
611 	/**< function which will be called to write ring message */
612 	Cpa32U aadLenInBytes;
613 	/**< For CCM,GCM and Snow3G cases, this parameter holds the AAD size,
614 	 * otherwise it is set to zero */
615 	ALIGN_START(64)
616 	Cpa8U hashStatePrefixBuffer[LAC_MAX_AAD_SIZE_BYTES] ALIGN_END(64);
617 	/**< hash state prefix buffer used for hash operations - AAD only
618 	 * NOTE: Field must be correctly aligned in memory for access by QAT
619 	 * engine
620 	 */
621 } lac_session_desc_d2_t;
622 
623 #define LAC_SYM_SESSION_SIZE                                                   \
624 	(sizeof(lac_session_desc_t) + LAC_64BYTE_ALIGNMENT +                   \
625 	 sizeof(LAC_ARCH_UINT))
626 /**< @ingroup LacSym_Session
627  * Size of the memory that the client has to allocate for a session. Extra
628  * memory is needed to internally re-align the data. The pointer to the algined
629  * data is stored at the start of the user allocated memory hence the extra
630  * space for an LAC_ARCH_UINT */
631 
632 #define LAC_SYM_SESSION_D1_SIZE                                                \
633 	(sizeof(lac_session_desc_d1_t) + LAC_64BYTE_ALIGNMENT +                \
634 	 sizeof(LAC_ARCH_UINT))
635 /**< @ingroup LacSym_Session
636 **  Size of the memory that the client has to allocate for a session where :
637 *     - cipher algorithm not ARC4 or Snow3G, no Partials, nonAuthEncrypt.
638 * Extra memory is needed to internally re-align the data. The pointer to the
639 * aligned data is stored at the start of the user allocated memory hence the
640 * extra space for an LAC_ARCH_UINT */
641 
642 #define LAC_SYM_SESSION_D2_SIZE                                                \
643 	(sizeof(lac_session_desc_d2_t) + LAC_64BYTE_ALIGNMENT +                \
644 	 sizeof(LAC_ARCH_UINT))
645 /**< @ingroup LacSym_Session
646 **  Size of the memory that the client has to allocate for a session where :
647 *     - authEncrypt, no Partials - so hashStatePrefixBuffer is only AAD
648 * Extra memory is needed to internally re-align the data. The pointer to the
649 * aligned data is stored at the start of the user allocated memory hence the
650 * extra space for an LAC_ARCH_UINT */
651 
652 #define LAC_SYM_SESSION_DESC_FROM_CTX_GET(pSession)                            \
653 	(lac_session_desc_t *)(*(LAC_ARCH_UINT *)pSession)
654 /**< @ingroup LacSym_Session
655  * Retrieve the session descriptor pointer from the session context structure
656  * that the user allocates. The pointer to the internally realigned address
657  * is stored at the start of the session context that the user allocates */
658 
659 /**
660 *******************************************************************************
661 * @ingroup LacSym_Session
662 *      This function initializes a session
663 *
664 * @description
665 *      This function is called from the LAC session register API functions.
666 *      It validates all input parameters. If an invalid parameter is passed,
667 *      an error is returned to the calling function. If all parameters are valid
668 *      a symmetric session is initialized
669 *
670 * @param[in] instanceHandle_in    Instance Handle
671 * @param[in] pSymCb               callback function
672 * @param[in] pSessionSetupData    pointer to the strucutre containing the setup
673 *data
674 * @param[in] isDpSession          CPA_TRUE for a data plane session
675 * @param[out] pSessionCtx         Pointer to session context
676 *
677 *
678 * @retval CPA_STATUS_SUCCESS        Function executed successfully.
679 * @retval CPA_STATUS_FAIL           Function failed.
680 * @retval CPA_STATUS_INVALID_PARAM  Invalid parameter passed in.
681 * @retval CPA_STATUS_RESOURCE       Error related to system resources.
682 *
683 */
684 
685 CpaStatus LacSym_InitSession(const CpaInstanceHandle instanceHandle_in,
686 			     const CpaCySymCbFunc pSymCb,
687 			     const CpaCySymSessionSetupData *pSessionSetupData,
688 			     const CpaBoolean isDpSession,
689 			     CpaCySymSessionCtx pSessionCtx);
690 
691 #endif /* LAC_SYM_SESSION_H */
692