Check should be on parameter uio_fd instead of
local variable job_ring
Fixes: e7a45f3cc2 ("crypto/caam_jr: add UIO specific operations")
Reported-by: Ferruh Yigit <ferruh.yigit@intel.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
In lib cryptodev, RSA verify operation inputs plain message text and
corresponding signature and expected to return
RTE_CRYPTO_OP_STATUS_SUCCESS/FAILURE on a signature match/mismatch.
Current OpenSSL PMD RSA verify implementation overrides application passed
sign input by decrypted output which isn't expected.
This patch addresses this issue in OpenSSL PMD. Now, OpenSSL PMD use
tmp buffer to pass to OpenSSL sign API and memcmp output with
original plain text to verify signature match.
Set op->status = RTE_CRYPTO_OP_STATUS_ERROR on signature mismatch.
Fixes: 3e9d6bd447 ("crypto/openssl: add RSA and mod asym operations")
Cc: stable@dpdk.org
Signed-off-by: Ayuj Verma <ayuj.verma@caviumnetworks.com>
Signed-off-by: Akash Saxena <akash.saxena@caviumnetworks.com>
Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
build_error:
drivers/crypto/scheduler/scheduler_pmd.c: In function ‘parse_name_arg’:
drivers/crypto/scheduler/scheduler_pmd.c:372:2: error: ‘strncpy’
specified bound 64 equals destination size [-Werror=stringop-truncation]
strncpy(params->name, value, RTE_CRYPTODEV_NAME_MAX_LEN);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
strncpy may result a not null-terminated string,
replaced it with strlcpy
Fixes: 503e9c5afb ("crypto/scheduler: register as vdev driver")
Cc: stable@dpdk.org
Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
Some global variables are defined with generic names, add component name
as prefix to variables to prevent collusion with application variables.
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>
Acked-by: Tianfei Zhang <tianfei.zhang@intel.com>
Some global variables can indeed be static, add static keyword to them.
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>
PDCP session configuration for lookaside protocol offload
and data path is added.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
DPAA2 SEC platform can support look aside protocol
offload for PDCP protocol.
The relevant APIs for configuring the hardware for PDCP
is added for various modes and crypto algorithms.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Horia Geanta Neag <horia.geanta@nxp.com>
Signed-off-by: Alex Porosanu <alexandru.porosanu@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
dma_addr_t is already defined in compat.h.
so removing the local definition from caam_jr_config.h
Fixes: 64c0451f5b ("crypto/caam_jr: add HW tuning options")
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
RTE_SECURITY is enabled by default. If it is disabled, dpaa2_sec,
dpaa_sec and caam_jr compilation fails.
This patch fixes compilation by disabling these drivers
when rte_security is not available.
Fixes: 1ee9569576 ("config: enable dpaaX drivers for generic ARMv8")
Fixes: 09e1e8d256 ("mk: fix dependencies of dpaaX drivers")
Fixes: af7c9b5e9c ("crypto/caam_jr: introduce basic driver")
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
We use _GNU_SOURCE all over the place, but often times we miss
defining it, resulting in broken builds on musl. Rather than
fixing every library's and driver's and application's makefile,
fix it by simply defining _GNU_SOURCE by default for all
builds.
Remove all usages of _GNU_SOURCE in source files and makefiles,
and also fixup a couple of instances of using __USE_GNU instead
of _GNU_SOURCE.
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
This patch provides the support for protocol offload
to the hardware. following security operations are
added:
- session_create
- session_destroy
- capabilities_get
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch add support for :
1. creating run time sec hw decriptors for a given request.
2. enqueue operation to the caam jr ring
3. dequeue operation from the caam jr ring in poll mode
4. creating a crypto protocol descriptor for session - first time.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch add support to create session configuration
of various types i.e. cipher, auth and aead etc.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
caam_jr need support from kernel caam driver for
job ring initialisation. So to access register space
for job ring and allow re configure and map to userspace
UIO interface is used. This also allows to handle the
caam interrupts from the user space.
This patch adds UIO specific operations
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch add routines for configuring the hw
to support various features.
These routines will be used by the PMD ops.
The patch also defines structure and macros used
to access hw capabilities.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
caam_jr hardware can be tuned for multiple settings
like ring depth, coalescing, notification types, cache
size etc.
These parameter can be used for performance tuning
for various platforms.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The caam_jr poll mode crypto driver is supported for
NXP SEC 4.x+ (CAAM) hardware accelerator.
This driver is by default supported on LE platforms,
if it is used on BE platforms like LS104X,
config option CONFIG_RTE_LIBRTE_PMD_CAAM_JR_BE can be
enabled.
This patch add skeleton for caam jobring driver
with probe and uintialisation functions
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch updates the current AESNI-MB PMD with added AES-GCM
algorithm support. The patch includes the necessary changes
to the code including the capability update, control and data
patch changes for the AES-GCM algorithm support.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
This patch add AES-CMAC support. CMAC is a keyed hash function
that is based on a symmetric key block cipher. It is One-Key
CBC MAC improvement over XCBC-MAC. RFC 4493. NIST SP 800-38B.
Signed-off-by: Tomasz Cel <tomaszx.cel@intel.com>
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Queues attached to event crypto device can be
parallel, atomic and ordered.
This patch add support for atomic queues processing
for dpaa2_sec queues.
Signed-off-by: Ashish Jain <ashish.jain@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
dpaa2_sec hw queues can be attached to a hw dpaa2 event
device and the application can configure the event
crypto adapter to access the dpaa2_sec packets using
hardware events.
This patch defines APIs which can be used by the dpaa2
event device to attach/detach dpaa2_sec queues.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Ashish Jain <ashish.jain@nxp.com>
Adding initialization of global resources. This will be saved as
metadata in cptvf and would be used by common code. Exit path for
failure case is also added along with the new routines.
Signed-off-by: Ankur Dwivedi <ankur.dwivedi@caviumnetworks.com>
Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Signed-off-by: Murthy NSSR <nidadavolu.murthy@caviumnetworks.com>
Signed-off-by: Nithin Dabilpuram <nithin.dabilpuram@caviumnetworks.com>
Signed-off-by: Ragothaman Jayaraman <rjayaraman@caviumnetworks.com>
Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Signed-off-by: Tejasree Kondoj <kondoj.tejasree@caviumnetworks.com>
Adding hardware init routine for OCTEON TX crypto device. A place holder
is added for misc polling routine. That will be added in the further
patches.
Signed-off-by: Ankur Dwivedi <ankur.dwivedi@caviumnetworks.com>
Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Signed-off-by: Murthy NSSR <nidadavolu.murthy@caviumnetworks.com>
Signed-off-by: Nithin Dabilpuram <nithin.dabilpuram@caviumnetworks.com>
Signed-off-by: Ragothaman Jayaraman <rjayaraman@caviumnetworks.com>
Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Signed-off-by: Tejasree Kondoj <kondoj.tejasree@caviumnetworks.com>
Use common initialization to reduce boilerplate code.
Signed-off-by: Dmitri Epshtein <dima@marvell.com>
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Reviewed-by: Natalie Samsonov <nsamsono@marvell.com>
The patch adds support for chained source mbufs given
to crypto operations. The crypto engine accepts source buffer
containing a number of segments. The destination buffer
stays the same - always one segment.
On decryption, EIP engine will look for digest at 'auth_icv_offset'
offset in SRC buffer.It must be placed in the last segment and the
offset must be set to reach digest in the last segment.
If application doesn't placed digest in source mbuf, driver try to
copy it to a last segment.
Signed-off-by: Zyta Szpak <zr@semihalf.com>
Signed-off-by: Natalie Samsonov <nsamsono@marvell.com>
Reviewed-by: Dmitri Epshtein <dima@marvell.com>
3DES in ECB mode is supported by the PMD thus specific
entry should exist in the crypto PMD capabilities list.
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Reviewed-by: Natalie Samsonov <nsamsono@marvell.com>
