Fix return code when asymmetric crypto
or compression service is selected on GEN4 devices.
Fixes: 8f393c4ffd ("common/qat: support GEN4 devices")
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch fixes the raw data path dequeue burst fail problem.
Previously in case the queue is full and not all packets
asked to be dequeued are processed, the dequeue burst will
never happen.
Fixes: c21574edc5 ("cryptodev: add dequeue count parameter in raw API")
Cc: stable@dpdk.org
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Fix possible access of an array by negative index in function
qat_sym_qp_setup.
Coverity issue: 372131, 372134
Fixes: 8f393c4ffd ("common/qat: support GEN4 devices")
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
This commit updates the QAT raw data-path API to support the
changes made to device and sessions. The QAT RAW data-path API
now works on Generation 1-3 devices and is disabled on GEN4.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Rework init common header function for request
descriptor so it can be called only once.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Content descriptor functions are incorrectly named,
having them with proper name will improve readability and
facilitate further work.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Different generations of Intel QuickAssist Technology devices may
differ in approach to allocate queues. Queue pair number function
therefore needs to be more generic.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
In Arm platform, when "RTE_ARCH_ARM64_MEMCPY" is set as true, gcc will
report variable uninitialized warning:
../drivers/crypto/qat/qat_sym_session.c: In function ‘partial_hash_compute’:
../lib/eal/include/generic/rte_byteorder.h:241:24: warning:
‘<U35a0>’ may be used uninitialized in this function
[-Wmaybe-uninitialized]
241 | #define rte_bswap32(x) __builtin_bswap32(x)
...
This is because "digest" will be initialized by "rte_memcpy" function
rather than "memcpy" if "RTE_ARCH_ARM64_MEMCPY" is set as true.
Furthermore, 'rte_memcpy' will initialize 'digest' with two steps
by invoking rte_mov_x functions. For example:
partial_hash_sha1 -> rte_memcpy -> rte_memcpy_ge16_lt_128 ->
step 1: rte_mov16(dst,src )
step 2: rte_mov16(dst - 16 + n, src - 16 + n)
However, gcc compiler cannot identify this multi-step initialization,
then it will report warning.
To fix this, use "memset" to initialize "digest".
Fixes: cd7fc8a84b ("eal/arm64: optimize memcpy")
Cc: stable@dpdk.org
Signed-off-by: Feifei Wang <feifei.wang2@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
This patch fixes the NULL auth generation case where the request
shouldn't contain the authentication result address. Allows to run
ipsec_autotest with a QAT device.
Fixes: 65beb9abca ("crypto/qat: fix null auth when using VFIO")
Cc: stable@dpdk.org
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Running "./devtools/check-meson.py --fix" on the DPDK repo fixes a
number of issues with whitespace and formatting of files:
* indentation of lists
* missing trailing commas on final list element
* multiple list entries per line when list is not all single-line
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
This patch changes the experimental raw data path dequeue burst API.
Originally the API enforces the user to provide callback function
to get maximum dequeue count. This change gives the user one more
option to pass directly the expected dequeue count.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
This commit fixes problem with to small offset when both offsets
(auth, cipher) are non zero in digest encrypt case,
when using out-of-place and sgl.
Fixes: 40002f6c2a ("crypto/qat: extend support for digest-encrypted auth-cipher")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
This patch implements Single-Pass AES-GMAC possible on QAT GEN3
which improves the performance. On GEN1 and GEN2 the previous
chained method is used.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
This patch fixes the missed digest in buffer support to
QAT symmetric raw API. Originally digest in buffer is
supported only for wireless algorithms
Fixes: 728c76b0e5 ("crypto/qat: support raw datapath API")
Cc: stable@dpdk.org
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Meson can use cmake as a fallback for detecting packages, and this can
lead to picking up 64-libs for 32-bit builds. To work around this, force
the use of pkg-config only for detecting libcrypto, zlib, jansson and
other package dependencies.
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Ruifeng Wang <ruifeng.wang@arm.com>
Tested-by: Liron Himi <lironh@marvell.com>
Tested-by: Lee Daly <lee.daly@intel.com>
Tested-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Tested-by: Martin Spinler <spinler@cesnet.cz>
Use the newer macros defined by meson in all DPDK source code, to ensure
there are no errors when the old non-standard macros are removed.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Acked-by: Rosen Xu <rosen.xu@intel.com>
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
This patch updates QAT PMD to add raw data-path API support.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
This patch removes unused fields from structs qat_qp and
qat_qp_config, together with their initializations.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
DOCSIS protocol performance in the downlink direction can be improved
significantly in the QAT SYM PMD, especially for larger packets, by
pre-processing all CRC generations in a batch before building and
enqueuing any requests to the HW. This patch adds this optimization.
Fixes: 6f0ef23740 ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This patch makes some improvements to the security instance setup for
the QAT SYM PMD, as follows:
- fix potential memory leak where the security instance was not freed if
an error occurred later in the device creation
- tidy-up security instance initialization code by moving it all,
including enabling the RTE_CRYPTODEV_FF_SECURITY feature, into one
'#ifdef RTE_LIBRTE_SECURITY' block
Fixes: 6f0ef23740 ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
The variable names crc_length and crc_offset have been changed to
crc_data_len and crc_data_ofs respectively, to make it clearer as to
their use i.e. the length and offset of the data over which the CRC is
calculated.
Fixes: 6f0ef23740 ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Multi-segment mbufs are not supported for DOCSIS security protocol.
This patch adds an explicit check for this and returns an op error if
this case is found. This limitation is also added to the QAT cryptodev
documentation.
Fixes: 6f0ef23740 ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This patch improves the DOCSIS session creation as follows:
- it validates the security action type as well as the protocol before
creating a session and now does this validation before allocating the
session from the mempool
- it clears the entire private session struct before populating it with
DOCSIS session info, in case any data was left over from the last time
it was used
- it simplifies the DOCSIS parameter setting, which was overly
complicated
Fixes: 6f0ef23740 ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Move qat capabilities data into a memzone where it can be
shared by primary and secondary processes.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
As cryptodev driver_id is allocated per-process,
a corner case exists where binaries for primary and
secondary processes could have different driver_ids
if built differently. Add checking in qat PMD to catch and
handle the case where driver_ids are inconsistent.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This patch refactors qat data into structures
which are local to the process and structures which
are intended to be shared by primary and secondary
processes. This enables qat devices to be used by
multi process applications.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This patch fixes the increment field of the AES-XTS cipher key size.
Fixes: 7d5ef3bb32 ("crypto/qat: support XTS")
Cc: stable@dpdk.org
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Add support to the QAT SYM PMD for the DOCSIS protocol, through the
rte_security API. This, therefore, includes adding support for the
rte_security API to this PMD.
Signed-off-by: David Coyle <david.coyle@intel.com>
Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
This patch adds the verification of the crypto session IOVA
that should be known (not zero) to proceed with the
session initialisation. In case of unknown IOVA
the error code -EINVAL is returned.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Offset of cd pointer is too big by state1size + state2size, so few extra
unnecessary bytes will be copied into cd. Snow offset was improved as well.
Fixes: d9b7d5bbc8 ("crypto/qat: add ZUC EEA3/EIA3 capability")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This patch adds support for plain SHA-1, SHA-224, SHA-256,
SHA-384 and SHA-512 hashes to QAT PMD.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
There is a common macro __rte_aligned for alignment,
which is now used where appropriate for consistency.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Reviewed-by: David Christensen <drc@linux.vnet.ibm.com>
This patch adds handling of mixed hash-cipher algorithms
available on GEN2 QAT in particular firmware versions.
Also the documentation is updated to show the mixed crypto
algorithms are supported on QAT GEN2.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
To detect if sgl, use nb_segs > 1, instead of checking for next pointer,
as nb_segs is in first cache-line while next is in second cache-line.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Improve case where application set m_dst to same as m_src
so really an in-place operation, though would have been treated
as out-of-place. No functional change but this path can now benefit
from DMA alignment.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
This commit removes unused function pointer (queue_pair_count)
from struct rte_cryptodev_ops. Related functions removed as well.
Signed-off-by: Artur Trybula <arturx.trybula@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
This patch adds support for DOCSIS AES-256 when using qat
Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
API makes think that rte_cryptodev_info_get() cannot return
a value >= 3 (RTE_CRYPTO_AEAD_LIST_END in 19.11).
20.02-rc1 was returning 3 (RTE_CRYPTO_AEAD_CHACHA20_POLY1305).
So the ABI compatibility contract was broken.
It could be solved with some function versioning,
but because a lack of time, the feature is reverted for now.
This reverts following commits:
- 6c9f3b347e ("cryptodev: add Chacha20-Poly1305 AEAD algorithm")
- 2c512e64d6 ("crypto/qat: support Chacha Poly")
- d55e01f579 ("test/crypto: add Chacha Poly cases")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>