For HMAC algorithms (SHAx-HMAC), the supported digest sizes are not a
fixed value, but a range between 1 and the maximum digest size for those
algorithms.
Fixes: 0f89def76127 ("crypto/armv8: fix HMAC supported key sizes")
Cc: stable@dpdk.org
Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Signed-off-by: Sachin Saxena <sachin.saxena@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
rte_cryptodev_get_header_session_size() and
rte_cryptodev_get_private_session_size() functions are
targeting symmetric sessions.
With the future addition of asymmetric operations,
these functions need to be renamed from *cryptodev_*_session_*
to *cryptodev_sym_*_session_* to be symmetric specific.
The two original functions are marked as deprecated
and will be removed in 18.08, so applications can still
use the functions in 18.05.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Shally Verma <shally.verma@caviumnetworks.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
The list of workers cores was represented by 64-bit bitmask.
It doesn't work if system has cores with id higher than 63.
This fix changes list of workers cores to array of uint16_t.
The size of array equals to RTE_MAX_LCORE.
Fixes: 4c07e0552f0a ("crypto/scheduler: add multicore scheduling mode")
Cc: stable@dpdk.org
Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
qp->temp_digest is already an array of uint8_t,
so no need to cast to uint8_t*.
Fixes: baf1e63bfd65 ("crypto/aesni_gcm: do not append digest")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Missing AES-CMAC supported parameters
in PMD capabilities.
Fixes: 6491dbbecebb ("crypto/aesni_mb: support AES CMAC")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
This patch fixes the possible duplicated ring names in multi-core
scheduler. Originally two or more multi-core schedulers may have
same worker ring names thus will cause initialization error.
Fixes: 4c07e0552f0a ("crypto/scheduler: add multicore scheduling mode")
Cc: stable@dpdk.org
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
When scheduler mode changed from multicore to roundrobin and
back to multicore, scheduler tries to create memory rings with
the same name and fails. The fix allows to lookup and re-use
previously allocated memory rings.
Fixes: 4c07e0552f0a ("crypto/scheduler: add multicore scheduling mode")
Cc: stable@dpdk.org
Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Reshma Pattan <reshma.pattan@intel.com>
CCP PMD supports authentication offload to either of CCP or CPU.
The earlier version of patch provides this option as compile time.
This patch changes this option from compile time to run time.
User can pass "ccp_auth_opt=1" as an additional arguments to vdev
parameter to enable authentication operations on CPU.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
fle is already in virtual addressing mode - no need to perform
address conversion for it.
Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
If private context creation fails, the memory
allocated for it and for some of the rings created
was being leaked.
In case of failure, it must be freed.
Fixes: 4c07e0552f0a ("crypto/scheduler: add multicore scheduling mode")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Picking a company stock ticker for a PMD name might not be a best approach
in a long run since name is too generic.
This patch addresses that and renames mrvl to mvsam.
Signed-off-by: Natalie Samsonov <nsamsono@marvell.com>
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Crypto requires physical to virtual address conversion for
descriptors. Prior to memory hotplugging this was based on memseg
iteration assuming memsegs are all physical contiguous and using
cached start address fast calculations can be done. This
assumption now stands invalid with memory hotplugging support.
In preparation for supporting hotplugging change to memory,
this patchset removes the optimized pool context stored physical
address offset based PA-VA conversion.
This adversely affects the performance as complete memsegs now need
to be parsed, but a rework containing necessary optimization would be
posted over this.
Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
digest sizes are not a fixed value, but a range between
1 and the maximum digest size for those algorithms.
Fixes: f947fd77185f ("crypto/dpaa2_sec: fix HMAC supported key sizes")
Cc: stable@dpdk.org
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
digest sizes are not a fixed value, but a range between
1 and the maximum digest size for those algorithms.
Also setting iv_size as 0.
Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch adds the support for dynamic logging in dpaa_sec.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The ZUC API to encrypt packets does not require the operations
to share the same key. Currently, the operations were being
batched only when they shared the same key, but this is not needed.
Instead, now operations will be batched based on the transform
(cipher only, auth only...).
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
When processing operations, the operation type was being
checked to avoid if it was set to NOT SUPPORTED.
In data path, doing so is not required since that is already
checked when creating the crypto session,
so that case will not ever happen.
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
When crypto operations are allocated from the operation
pool, their status get reset to NOT_PROCESSED.
Therefore, there is no need to set this status again.
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
The AES-CBC cipher only algorithm has been supported now.
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch implements the statistics of the packets.
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch implements the functions of virtio_crypto_pkt_tx_burst()
and virtio_crypto_pkt_rx_burst(). The encryption and decryption requests
are placed in the data queue and are ultimately handled by
the backend crypto accelerators.
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch implements session related operations, which includes creating
and destroying the session. For now, it only supports the session-oriented
API implementation. The control queue used to create or destroy sessions
for symmetric algorithms.
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch implements the basic operations of virtio crypto PMD, which
includes start, stop, close, information getting, queue setup and
release of the device.
The virtio crypto device has two types of queues, data queue and
control queue. It has one data queue at least and has one and only one
control queue. For example, if a virtio crypto device has N queues,
then [0, N-2] is the data queue index, N-1 is the control
queue index.
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch implements the initialization of the virtio crypto device.
The virtio crypto device conforms to virtio-1.0, so this patch only
supports modern mode operation.
The cryptodev is created at the virtio crypto pci device probing stage.
The function of virtio_crypto_pkt_tx_burst() is used to burst transfer
packets and virtio_crypto_pkt_rx_burst() is used to burst receive packets.
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>
The virtio crypto device is a virtual cryptography device
as well as a kind of virtual hardware accelerator for
virtual machines. The linux kernel virtio-crypto driver
has been merged, and this patch introduces virtio crypto
PMD to achieve better performance.
Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>
Fixed as reported by NXP's internal coverity.
Also part of dpdk coverity.
Coverity issue: 268331
Coverity issue: 268333
Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org
Signed-off-by: Sunil Kumar Kori <sunil.kori@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
op storage in fle is just for reference for post dq.
So, don't convert it to iova mode.
Fixes: 37f96eb01bce ("crypto/dpaa2_sec: support scatter gather")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Currently, the context mempools are allocated during device probe. Thus,
even if the DPAA SEC devices are not used, any application would still
allocate the memory required for working with the contexts.
This patch moves the allocation to configuration time so that when the
CAAM devices are configured, this allocation would be done.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Ashish Jain <ashish.jain@nxp.com>
Tested-by: Shreyansh Jain <shreyansh.jain@nxp.com>
Adding a check to do portal configuration if not already
configured before packet enqueue. This check is only done
during dpaa_sec_attach_sess_q for initial packets,
so this change wont affect the data path and hence performance.
Fixes: e79416d10fa3 ("crypto/dpaa_sec: support multiple sessions per queue pair")
Cc: stable@dpdk.org
Signed-off-by: Ashish Jain <ashish.jain@nxp.com>
Auth operations can be performed on CPU without offloading
to CCP if CONFIG_RTE_LIBRTE_PMD_CCP_CPU_AUTH is enabled in
DPDK configuration. CCP PMD skip offloading auth operations
to hardware engines and perform them using openssl APIs.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
Add SHA3 family authentication algorithm support for
CCP crypto PMD. This patch defines new macros for SHA3
algorithms in the DPDK crypto framework.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
Added CCP cipher support for following algorithms:
AES-CBC-128/192/256
AES-CTR-128/192/256
AES-ECB-128/192/256
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
CCP engines support true hardware random generation feature.
This patch implements api to read random number from CCP to be
used within PMD.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
Added support for burst oriented data path.
CCP PMD selects appropriate CCP engine available
on the platform and schedule the batch of crypto ops to a
selected hardware queue of the respective crypto engine.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
Added crypto queue pair specific crypto ops callback functions
to setup and manage a CCP crypto queue pair object. CCP PMD
exposes only a single crypto queue pair object and handles the
actual hardware queues underneath.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>