cryptodev: fix ABI compatibility for ChaCha20-Poly1305

This patch adds versioned function rte_cryptodev_info_get()
to prevent some issues with ABI policy.
Node v21 works in same way as before, returning driver capabilities
directly to the API caller. These capabilities may include new elements
not part of the v20 ABI.
Node v20 function maintains compatibility with v20 ABI releases
by stripping out elements not supported in v20 ABI. Because
rte_cryptodev_info_get is called by other API functions,
rte_cryptodev_sym_capability_get function is versioned the same way.

Fixes: b922dbd38c ("cryptodev: add ChaCha20-Poly1305 AEAD algorithm")

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This commit is contained in:
Arek Kusztal 2020-05-07 12:57:03 +02:00 committed by Akhil Goyal
parent b922dbd38c
commit a0f0de06d4
5 changed files with 192 additions and 7 deletions

View File

@ -40,3 +40,11 @@
type_kind = enum
name = rte_cpu_flag_t
changed_enumerators = RTE_CPUFLAG_NUMFLAGS
; Ignore Cryptodev AEAD xform enum and AEAD xform strings change
; due to addition of Chacha20-Poly1305
[suppress_type]
type_kind = enum
name = rte_crypto_aead_algorithm
changed_enumerators = RTE_CRYPTO_AEAD_LIST_END
[suppress_variable]
name = rte_crypto_aead_algorithm_strings

View File

@ -1,6 +1,7 @@
# SPDX-License-Identifier: BSD-3-Clause
# Copyright(c) 2017-2019 Intel Corporation
use_function_versioning = true
sources = files('rte_cryptodev.c', 'rte_cryptodev_pmd.c', 'cryptodev_trace_points.c')
headers = files('rte_cryptodev.h',
'rte_cryptodev_pmd.h',

View File

@ -36,6 +36,8 @@
#include <rte_errno.h>
#include <rte_spinlock.h>
#include <rte_string_fns.h>
#include <rte_compat.h>
#include <rte_function_versioning.h>
#include "rte_crypto.h"
#include "rte_cryptodev.h"
@ -57,6 +59,14 @@ static struct rte_cryptodev_global cryptodev_globals = {
/* spinlock for crypto device callbacks */
static rte_spinlock_t rte_cryptodev_cb_lock = RTE_SPINLOCK_INITIALIZER;
static const struct rte_cryptodev_capabilities
cryptodev_undefined_capabilities[] = {
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
static struct rte_cryptodev_capabilities
*capability_copy[RTE_CRYPTO_MAX_DEVS];
static uint8_t is_capability_checked[RTE_CRYPTO_MAX_DEVS];
/**
* The user application callback description.
@ -281,8 +291,43 @@ rte_crypto_auth_operation_strings[] = {
[RTE_CRYPTO_AUTH_OP_GENERATE] = "generate"
};
const struct rte_cryptodev_symmetric_capability *
rte_cryptodev_sym_capability_get(uint8_t dev_id,
const struct rte_cryptodev_symmetric_capability __vsym *
rte_cryptodev_sym_capability_get_v20(uint8_t dev_id,
const struct rte_cryptodev_sym_capability_idx *idx)
{
const struct rte_cryptodev_capabilities *capability;
struct rte_cryptodev_info dev_info;
int i = 0;
rte_cryptodev_info_get_v20(dev_id, &dev_info);
while ((capability = &dev_info.capabilities[i++])->op !=
RTE_CRYPTO_OP_TYPE_UNDEFINED) {
if (capability->op != RTE_CRYPTO_OP_TYPE_SYMMETRIC)
continue;
if (capability->sym.xform_type != idx->type)
continue;
if (idx->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
capability->sym.auth.algo == idx->algo.auth)
return &capability->sym;
if (idx->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
capability->sym.cipher.algo == idx->algo.cipher)
return &capability->sym;
if (idx->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
capability->sym.aead.algo == idx->algo.aead)
return &capability->sym;
}
return NULL;
}
VERSION_SYMBOL(rte_cryptodev_sym_capability_get, _v20, 20.0);
const struct rte_cryptodev_symmetric_capability __vsym *
rte_cryptodev_sym_capability_get_v21(uint8_t dev_id,
const struct rte_cryptodev_sym_capability_idx *idx)
{
const struct rte_cryptodev_capabilities *capability;
@ -313,8 +358,12 @@ rte_cryptodev_sym_capability_get(uint8_t dev_id,
}
return NULL;
}
MAP_STATIC_SYMBOL(const struct rte_cryptodev_symmetric_capability *
rte_cryptodev_sym_capability_get(uint8_t dev_id,
const struct rte_cryptodev_sym_capability_idx *idx),
rte_cryptodev_sym_capability_get_v21);
BIND_DEFAULT_SYMBOL(rte_cryptodev_sym_capability_get, _v21, 21);
static int
param_range_check(uint16_t size, const struct rte_crypto_param_range *range)
@ -1018,6 +1067,12 @@ rte_cryptodev_close(uint8_t dev_id)
retval = (*dev->dev_ops->dev_close)(dev);
rte_cryptodev_trace_close(dev_id, retval);
if (capability_copy[dev_id]) {
free(capability_copy[dev_id]);
capability_copy[dev_id] = NULL;
}
is_capability_checked[dev_id] = 0;
if (retval < 0)
return retval;
@ -1131,9 +1186,89 @@ rte_cryptodev_stats_reset(uint8_t dev_id)
(*dev->dev_ops->stats_reset)(dev);
}
static void
get_v20_capabilities(uint8_t dev_id, struct rte_cryptodev_info *dev_info)
{
const struct rte_cryptodev_capabilities *capability;
uint8_t found_invalid_capa = 0;
uint8_t counter = 0;
void
rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info)
for (capability = dev_info->capabilities;
capability->op != RTE_CRYPTO_OP_TYPE_UNDEFINED;
++capability, ++counter) {
if (capability->op == RTE_CRYPTO_OP_TYPE_SYMMETRIC &&
capability->sym.xform_type ==
RTE_CRYPTO_SYM_XFORM_AEAD
&& capability->sym.aead.algo >=
RTE_CRYPTO_AEAD_CHACHA20_POLY1305) {
found_invalid_capa = 1;
counter--;
}
}
is_capability_checked[dev_id] = 1;
if (!found_invalid_capa)
return;
capability_copy[dev_id] = malloc(counter *
sizeof(struct rte_cryptodev_capabilities));
if (capability_copy[dev_id] == NULL) {
/*
* error case - no memory to store the trimmed
* list, so have to return an empty list
*/
dev_info->capabilities =
cryptodev_undefined_capabilities;
is_capability_checked[dev_id] = 0;
} else {
counter = 0;
for (capability = dev_info->capabilities;
capability->op !=
RTE_CRYPTO_OP_TYPE_UNDEFINED;
capability++) {
if (!(capability->op ==
RTE_CRYPTO_OP_TYPE_SYMMETRIC
&& capability->sym.xform_type ==
RTE_CRYPTO_SYM_XFORM_AEAD
&& capability->sym.aead.algo >=
RTE_CRYPTO_AEAD_CHACHA20_POLY1305)) {
capability_copy[dev_id][counter++] =
*capability;
}
}
dev_info->capabilities =
capability_copy[dev_id];
}
}
void __vsym
rte_cryptodev_info_get_v20(uint8_t dev_id, struct rte_cryptodev_info *dev_info)
{
struct rte_cryptodev *dev;
if (!rte_cryptodev_pmd_is_valid_dev(dev_id)) {
CDEV_LOG_ERR("Invalid dev_id=%d", dev_id);
return;
}
dev = &rte_crypto_devices[dev_id];
memset(dev_info, 0, sizeof(struct rte_cryptodev_info));
RTE_FUNC_PTR_OR_RET(*dev->dev_ops->dev_infos_get);
(*dev->dev_ops->dev_infos_get)(dev, dev_info);
if (capability_copy[dev_id] == NULL) {
if (!is_capability_checked[dev_id])
get_v20_capabilities(dev_id, dev_info);
} else
dev_info->capabilities = capability_copy[dev_id];
dev_info->driver_name = dev->device->driver->name;
dev_info->device = dev->device;
}
VERSION_SYMBOL(rte_cryptodev_info_get, _v20, 20.0);
void __vsym
rte_cryptodev_info_get_v21(uint8_t dev_id, struct rte_cryptodev_info *dev_info)
{
struct rte_cryptodev *dev;
@ -1152,7 +1287,9 @@ rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info)
dev_info->driver_name = dev->device->driver->name;
dev_info->device = dev->device;
}
MAP_STATIC_SYMBOL(void rte_cryptodev_info_get(uint8_t dev_id,
struct rte_cryptodev_info *dev_info), rte_cryptodev_info_get_v21);
BIND_DEFAULT_SYMBOL(rte_cryptodev_info_get, _v21, 21);
int
rte_cryptodev_callback_register(uint8_t dev_id,

View File

@ -219,6 +219,14 @@ struct rte_cryptodev_asym_capability_idx {
* - Return NULL if the capability not exist.
*/
const struct rte_cryptodev_symmetric_capability *
rte_cryptodev_sym_capability_get_v20(uint8_t dev_id,
const struct rte_cryptodev_sym_capability_idx *idx);
const struct rte_cryptodev_symmetric_capability *
rte_cryptodev_sym_capability_get_v21(uint8_t dev_id,
const struct rte_cryptodev_sym_capability_idx *idx);
const struct rte_cryptodev_symmetric_capability *
rte_cryptodev_sym_capability_get(uint8_t dev_id,
const struct rte_cryptodev_sym_capability_idx *idx);
@ -764,9 +772,33 @@ rte_cryptodev_stats_reset(uint8_t dev_id);
* the last valid element has it's op field set to
* RTE_CRYPTO_OP_TYPE_UNDEFINED.
*/
extern void
void
rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info);
/* An extra element RTE_CRYPTO_AEAD_CHACHA20_POLY1305 is added
* to enum rte_crypto_aead_algorithm, also changing the value of
* RTE_CRYPTO_AEAD_LIST_END. To maintain ABI compatibility with applications
* which linked against earlier versions, preventing them, for example, from
* picking up the new value and using it to index into an array sized too small
* for it, it is necessary to have two versions of rte_cryptodev_info_get()
* The latest version just returns directly the capabilities retrieved from
* the device. The compatible version inspects the capabilities retrieved
* from the device, but only returns them directly if the new value
* is not included. If the new value is included, it allocates space
* for a copy of the device capabilities, trims the new value from this
* and returns this copy. It only needs to do this once per device.
* For the corner case of a corner case when the alloc may fail,
* an empty capability list is returned, as there is no mechanism to return
* an error and adding such a mechanism would itself be an ABI breakage.
* The compatible version can be removed after the next major ABI release.
*/
void
rte_cryptodev_info_get_v20(uint8_t dev_id, struct rte_cryptodev_info *dev_info);
void
rte_cryptodev_info_get_v21(uint8_t dev_id, struct rte_cryptodev_info *dev_info);
/**
* Register a callback function for specific device id.

View File

@ -58,6 +58,13 @@ DPDK_20.0 {
local: *;
};
DPDK_21 {
global:
rte_cryptodev_info_get;
rte_cryptodev_sym_capability_get;
} DPDK_20.0;
EXPERIMENTAL {
global: