DPAA requires the I/O shall be done in a HW portal context only.
The portal affinity is currently only being done in session create
and config APIs with the assumption that same thread will be used
for IO. This is causing issue.
This patch add support during I/O to check the HW portal affinity
and affine portal- if not affined already.
Fixes: 9a984458f7 ("crypto/dpaa_sec: rewrite Rx/Tx path")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
These headers are used but not included explicitly, including them.
"arpa/inet.h" is included for 'htons' and friends.
"netinet/in.h" is included for 'IPPROTO_IP'.
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Rasesh Mody <rmody@marvell.com>
If for some reason the queue is not close properly,
specially in test cases.
The QUEUE retire prints are flooding the screen.
They are not really required as WARNING.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Reasons for building not supported generally start with lowercase
because printed as the second part of a line.
Other changes:
- "linux" should be "Linux" with a capital letter.
- ARCH_X86_64 may be simply x86_64.
- aarch64 is preferred over arm64.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: David Marchand <david.marchand@redhat.com>
The dpaa drivers have been hacking the deprecated field seqn for
internal features.
It is moved to a dynamic mbuf field in order to allow removal of seqn.
Signed-off-by: David Marchand <david.marchand@redhat.com>
Use the newer macros defined by meson in all DPDK source code, to ensure
there are no errors when the old non-standard macros are removed.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Acked-by: Rosen Xu <rosen.xu@intel.com>
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Since each version map file is contained in the subdirectory of the library
it refers to, there is no need to include the library name in the filename.
This makes things simpler in case of library renaming.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Acked-by: Rosen Xu <rosen.xu@intel.com>
Based on the new field in PDCP xform, a decision is made
to create a PDCP session with or without SDAP enabled.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Remove the deprecated functions
- rte_mbuf_data_dma_addr
- rte_mbuf_data_dma_addr_default
which aliased the more recent functions
- rte_mbuf_data_iova
- rte_mbuf_data_iova_default
Remove the deprecated macros
- rte_pktmbuf_mtophys
- rte_pktmbuf_mtophys_offset
which aliased the more recent macros
- rte_pktmbuf_iova
- rte_pktmbuf_iova_offset
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
A decision was made [1] to no longer support Make in DPDK, this patch
removes all Makefiles that do not make use of pkg-config, along with
the mk directory previously used by make.
[1] https://mails.dpdk.org/archives/dev/2020-April/162839.html
Signed-off-by: Ciara Power <ciara.power@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Minimize the number of different thread variables
Add all the thread specific variables in dpaa_portal
structure to optimize TLS Usage.
Signed-off-by: Rohit Raj <rohit.raj@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
The maximum length of job descriptor which is formed
is 13 words and hence rta_inline_query should take
care of the max descriptor(shared + job) lengths and
thus find out of the key can be referenced or immediate.
Fixes: 05b12700cd ("crypto/dpaa_sec: support null algos for protocol offload")
Fixes: 13273250ee ("crypto/dpaa2_sec: support AES-GCM and CTR")
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
In case of RTA_SEC_ERA = 8, where the length of shared desc
is large for some of PDCP cases, the descriptor buffer cannot
hold 2 extra words when HFN override is enabled. As a result,
the descriptor fails.
This patch converts one of the keys from immediate key to
reference key hence reducing the length of the descriptor.
Fixes: 2e4cbdb4b2 ("crypto/dpaax_sec: support PDCP U-Plane with integrity")
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Now that all libraries have a single version, we can drop the empty
stable blocks that had been added when moving symbols from stable to
internal ABI.
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Introduce the RTE_LOG_REGISTER macro to avoid the code duplication
in the logtype registration process.
It is a wrapper macro for declaring the logtype, registering it and
setting its level in the constructor context.
Signed-off-by: Jerin Jacob <jerinj@marvell.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Sachin Saxena <sachin.saxena@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
qman caam and pool portal ids are only used in control
path. This patch changes their inter library access to
function call instead of direct shared variable.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
This patch moves the internal symbols to INTERNAL sections
so that any change in them is not reported as ABI breakage.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
gcc 10 defaults to -fno-common and as a result when linking
with crypto drivers:
drivers/librte_pmd_dpaa_sec.a(crypto_dpaa_sec_dpaa_sec.c.o):
(.bss+0x4): multiple definition of `rta_sec_era';
drivers/librte_pmd_caam_jr.a(crypto_caam_jr_caam_jr.c.o):
(.bss+0x0): first defined here
drivers/librte_pmd_dpaa2_sec.a(crypto_dpaa2_sec_dpaa2_sec_dpseci.c.o):
(.data+0x0): multiple definition of `rta_sec_era';
drivers/librte_pmd_caam_jr.a(crypto_caam_jr_caam_jr.c.o):
(.bss+0x0): first defined here
This patch fixes the blunt workaround in the following commit.
Fixes: 50b03f3b8e ("drivers/crypto: disable gcc 10 no-common errors")
Bugzilla ID: 469
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Tested-by: Kevin Traynor <ktraynor@redhat.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
gcc 10 defaults to -fno-common and as a result when linking
with crypto drivers:
drivers/librte_pmd_dpaa_sec.a(crypto_dpaa_sec_dpaa_sec.c.o):
(.bss+0x4): multiple definition of `rta_sec_era';
drivers/librte_pmd_caam_jr.a(crypto_caam_jr_caam_jr.c.o):
(.bss+0x0): first defined here
drivers/librte_pmd_dpaa2_sec.a(crypto_dpaa2_sec_dpaa2_sec_dpseci.c.o):
(.data+0x0): multiple definition of `rta_sec_era';
drivers/librte_pmd_caam_jr.a(crypto_caam_jr_caam_jr.c.o):
(.bss+0x0): first defined here
This is a blunt fix for the issue by enabling fcommon for
dpaa_sec/dpaa2_sec/caam_jr.
Bugzilla ID: 469
Cc: stable@dpdk.org
Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The return values in cases of errors were not
specified properly. With this patch appropriate
error numbers are returned.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
This patch repairs 2 memory allocations issues:
1) possible leak of memory
In cryptodev_dpaa_sec_probe() function in case of portal
initialization failure, function exited without cleanup.
The patch redirects flow to out label, which provides
proper cleanup in case of error: freeing cryptodevice private
data and releasing cryptodevice.
2) double free of cryptodev private data
The function dpaa_sec_dev_init() in case of failure called
dpaa_sec_uninit() which freed both private data and security
context. However one layer above in cryptodev_dpaa_sec_probe()
function, the private data were freed one more time.
The patch limits cleanup of the dpaa_sec_dev_init() function
to freeing only the security context.
Signed-off-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch fixes management of memory for authentication
and encryption keys.
There were two issues with former state of implementation:
1) Invalid access to dpaa_sec_session union members
The dpaa_sec_session structure includes an anonymous union:
union {
struct {...} aead_key;
struct {
struct {...} cipher_key;
struct {...} auth_key;
};
};
Depending on the used algorithm a rte_zmalloc() function
allocated memory that was kept in aead_key, cipher_key
or auth_key. However every time the memory was released,
rte_free() was called only on cipher and auth keys, even
if pointer to allocated memory was stored in aead_key.
The C language specification defines such behavior as undefined.
As the cipher_key and aead_key are similar, have same sizes and
alignment, it has worked, but it's directly against C specification.
This patch fixes this, providing a free_session_data() function
to free the keys data. It verifies which algorithm was used
(aead or auth+cipher) and frees proper part of the union.
2) Some keys might have been freed multiple times
In functions like: dpaa_sec_cipher_init(), dpaa_sec_auth_init(),
dpaa_sec_chain_init(), dpaa_sec_aead_init() keys data were freed
before returning due to some error conditions. However the pointers
were not zeroed causing another calls to ret_free from higher
layers of code. This causes an error log about invalid memory address
to be printed.
This patch fixes it by making only one layer responsible for freeing
memory
Signed-off-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Remove setting ALLOW_EXPERIMENTAL_API individually for each Makefile and
meson.build. Instead, enable ALLOW_EXPERIMENTAL_API flag across app, lib
and drivers.
This changes reduces the clutter across the project while still
maintaining the functionality of ALLOW_EXPERIMENTAL_API i.e. warning
external applications about experimental API usage.
Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
This commit removes unused function pointer (queue_pair_count)
from struct rte_cryptodev_ops. Related functions removed as well.
Signed-off-by: Artur Trybula <arturx.trybula@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
The EAL API (with doxygen documentation) is moved from
common/include/ to include/, which makes more clear that
it is the global API for all environments and architectures.
Note that the arch-specific and OS-specific include files are not
in this global include directory, but include/generic/ should
cover the doxygen documentation for them.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: David Marchand <david.marchand@redhat.com>
This patch reorganize the members of a structure
used by driver in its data-path to improve
performance.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
DPAA sec driver is using virtual to physical address
translation in its data path and driver is using
dpaax_iova_table_update() API in every address translation
which is very costly.
This patch moves dpaax_iova_table_update() calling to rte_dpaa_mem_ptov(),
only if it fails to found translation from DPAAX table.
Fixes: 12e5842945 ("crypto/dpaa_sec: fix IOVA table")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Merge all versions in linker version script files to DPDK_20.0.
This commit was generated by running the following command:
:~/DPDK$ buildtools/update-abi.sh 20.0
Signed-off-by: Pawel Modrak <pawelx.modrak@intel.com>
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
Since the library versioning for both stable and experimental ABI's is
now managed globally, the LIBABIVER and version variables no longer
serve any useful purpose, and can be removed.
The replacement in Makefiles was done using the following regex:
^(#.*\n)?LIBABIVER\s*:=\s*\d+\n(\s*\n)?
(LIBABIVER := numbers, optionally preceded by a comment and optionally
succeeded by an empty line)
The replacement for meson files was done using the following regex:
^(#.*\n)?version\s*=\s*\d+\n(\s*\n)?
(version = numbers, optionally preceded by a comment and optionally
succeeded by an empty line)
[David]: those variables are manually removed for the files:
- drivers/common/qat/Makefile
- lib/librte_eal/meson.build
[David]: the LIBABIVER is restored for the external ethtool example
library.
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
This patch usages the anti replay window size to config
the anti replay checking in decap path for lookaside
IPSEC offload
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The protocol aware ipsec descriptor has been modified to
use ctr_initial value of 1 and salt configured for ipsec SA.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
As per RFC3686, the initial aes-ctr counter value should be '1' for use
in ipsec. The patches changes SEC descriptor for using correct counter
value. In addition, it drops a redundant parameter for passing IV while
creating the descriptor.
This patch adds changes for all NXP crypto PMDs
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch throw the warning when using truncated digest
len for SHA256 case.
As per RFC4868, SHA-256 should use 128 bits of ICV.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch add support for AES-128-GCM, when used in
lookaside protocol offload case.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
These are supported when using protocol offload mode or when
in chain mode.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
set the pdcp capa_flags to 0 by default.
Fixes: a1173d5559 ("crypto/dpaa_sec: support PDCP offload")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
DPAA SEC shall be able to work independent of DPAA ETH
driver.
This patch moves qbman init to bus, so that any driver
can use them even when no eth resources are present
or none of the eth devices are probed.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This code is being shared by more than 1 type of driver.
Common is most appropriate place for it.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
The SEC HW code is being shared by multiple NXP based
drivers. It is better to place it at a common place.
Current users are:
1. DPAA2_SEC
2. DPAA_SEC
3. CAAM_JR
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The session related parameters shall be populated during
the session create only.
At the runtime on first packet, the CDB should just reference
the session data instead of re-interpreting data again.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch add support for ZUC and SNOW 3G in
non-PDCP offload mode.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
For cases like ESN where authentication data can be after cipher
data, support for authentication trailer is required.
This patch adds support of auth-only data trailing after cipher data.
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The GCM descriptors needlessly skip auth_only_len bytes from output
buffer. Due to this, workarounds have to be made in dpseci driver code.
Also this leads to failing of one cryptodev test case for gcm. In this
patch, we change the descriptor construction and adjust dpaaX_sec
accordingly. The test_AES_GCM_auth_encrypt_SGL_out_of_place_400B_1seg
now passes.
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The code shall also check aead as non auth-cipher case
Fixes: 1f14d500bc ("crypto/dpaa_sec: support IPsec protocol offload")
Cc: stable@dpdk.org
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The black list of dpaa_sec devices fails.
EAL: failed to parse device "dpaa:dpaa_sec-1"
This patch address following issues:
- bus usages dpaa-sec while the driver usage dpaa_sec
- bus usages numbers from 0 to MAX_SEC - while driver
probe usages sec number form max-fman_device +1
Fixes: 6e0752205b ("bus/dpaa: support device blacklisting")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Reviewed-by: Sachin Saxena <sachin.saxena@nxp.com>