Added support for burst oriented data path.
CCP PMD selects appropriate CCP engine available
on the platform and schedule the batch of crypto ops to a
selected hardware queue of the respective crypto engine.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
Added crypto queue pair specific crypto ops callback functions
to setup and manage a CCP crypto queue pair object. CCP PMD
exposes only a single crypto queue pair object and handles the
actual hardware queues underneath.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
Added crypto session specific basic crypto ops callback functions.
Added different crypto engine types and definitions.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
CCP PMD is a virtual crypto PMD which schedules a number of available
actual CCP hardware engines underneath. The PMD
manages all devices by its own. The PMD supports CCP_5a and
CCP_5b versions of crypto engines and this patch adds support
to initialize and use such devices.
Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>
Added support for AES CMAC hash algorithm with 128-bit key,
which has been added in the v0.49 of the IPSec Multi-buffer lib.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Adds support for the v0.49 of the IPsec Multi-buffer lib,
which now gets compiled and installed as a shared object.
Therefore, there is no need to pass the AESNI_MULTI_BUFFER_LIB_PATH
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Adds support for the v0.49 of the IPsec Multi-buffer lib,
which now gets compiled and installed as a shared object.
Therefore, there is no need to pass the AESNI_MULTI_BUFFER_LIB_PATH
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
rte_cryptodev_pmd_init_params should use NUMA node of the QAT device
for its socket_id rather than the socket_id of the initializing process.
Signed-off-by: Lee Roberts <lee.roberts@hpe.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
While trying to do a shared build one will get linkage error
since a couple of library dependencies are missing from a makefile.
At some point there was a batch update of all PMDs but mrvl crypto was
missed back then.
Necessary makefile changes were introduced in
commit cbc12b0a96f5 ("mk: do not generate LDLIBS from directory dependencies")
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Pass an rte_driver to the RTE_PMD_REGISTER_CRYPTO_DRIVER macro
rather than an unspecified container which holds an rte_driver.
All the macro actually needs is the rte_driver, not the
container holding it.
This paves the way for a later patch in which a driver
will be registered which does not naturally derive from a
container and so avoids having to create an arbitrary container
to pass in the rte_driver.
This patch changes the cryptodev lib macro and all the
PMDs which use it.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Meson build currently tracks the dependencies between libraries, which
can often make things easier, but has the side-effect of slowing down
the initial meson run if too many duplicated dependencies are provided.
Therefore, we remove dependencies from the dpaa items where other
dependencies already depend on those. This provides a noticable speed-up
in meson configuration runs when lots of sample apps are included in the
build.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
In case of Receive from Ethernet we add a new pull request (prefetch)
but do not fetch the results from that pull request until next
dequeue operation. This keeps the portal in busy mode.
This patch updates the portals bifurcation to have separate portals
to receive packets for Ethernet and all other devices to use a
common portal.
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Before, we were aggregating multiple pages into one memseg, so the
number of memsegs was small. Now, each page gets its own memseg,
so the list of memsegs is huge. To accommodate the new memseg list
size and to keep the under-the-hood workings sane, the memseg list
is now not just a single list, but multiple lists. To be precise,
each hugepage size available on the system gets one or more memseg
lists, per socket.
In order to support dynamic memory allocation, we reserve all
memory in advance (unless we're in 32-bit legacy mode, in which
case we do not preallocate memory). As in, we do an anonymous
mmap() of the entire maximum size of memory per hugepage size, per
socket (which is limited to either RTE_MAX_MEMSEG_PER_TYPE pages or
RTE_MAX_MEM_MB_PER_TYPE megabytes worth of memory, whichever is the
smaller one), split over multiple lists (which are limited to
either RTE_MAX_MEMSEG_PER_LIST memsegs or RTE_MAX_MEM_MB_PER_LIST
megabytes per list, whichever is the smaller one). There is also
a global limit of CONFIG_RTE_MAX_MEM_MB megabytes, which is mainly
used for 32-bit targets to limit amounts of preallocated memory,
but can be used to place an upper limit on total amount of VA
memory that can be allocated by DPDK application.
So, for each hugepage size, we get (by default) up to 128G worth
of memory, per socket, split into chunks of up to 32G in size.
The address space is claimed at the start, in eal_common_memory.c.
The actual page allocation code is in eal_memalloc.c (Linux-only),
and largely consists of copied EAL memory init code.
Pages in the list are also indexed by address. That is, in order
to figure out where the page belongs, one can simply look at base
address for a memseg list. Similarly, figuring out IOVA address
of a memzone is a matter of finding the right memseg list, getting
offset and dividing by page size to get the appropriate memseg.
This commit also removes rte_eal_dump_physmem_layout() call,
according to deprecation notice [1], and removes that deprecation
notice as well.
On 32-bit targets due to limited VA space, DPDK will no longer
spread memory to different sockets like before. Instead, it will
(by default) allocate all of the memory on socket where master
lcore is. To override this behavior, --socket-mem must be used.
The rest of the changes are really ripple effects from the memseg
change - heap changes, compile fixes, and rewrites to support
fbarray-backed memseg lists. Due to earlier switch to _walk()
functions, most of the changes are simple fixes, however some
of the _walk() calls were switched to memseg list walk, where
it made sense to do so.
Additionally, we are also switching locks from flock() to fcntl().
Down the line, we will be introducing single-file segments option,
and we cannot use flock() locks to lock parts of the file. Therefore,
we will use fcntl() locks for legacy mem as well, in case someone is
unfortunate enough to accidentally start legacy mem primary process
alongside an already working non-legacy mem-based primary process.
[1] http://dpdk.org/dev/patchwork/patch/34002/
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Tested-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
Tested-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Tested-by: Gowrishankar Muthukrishnan <gowrishankar.m@linux.vnet.ibm.com>
Digest and IV length variable declarations have changed.
These were escaping builds as the debugging macro was disabled.
During dynamic logging change, they were discoverd.
Fixes: 0fbd75a99fc9 ("cryptodev: move IV parameters to session")
Fixes: 7f0034275a24 ("cryptodev: remove digest length from crypto op")
Cc: stable@dpdk.org
Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
This patch fixes the build dependency of various
dpaaX components, when the dpaa or fslmc bus is disabled,
or VFIO is disabled.
Fixes: 1ee9569576f6 ("config: enable dpaaX drivers for generic ARMv8")
Cc: stable@dpdk.org
Reported-by: Yongseok Koh <yskoh@mellanox.com>
Suggested-by: Thomas Monjalon <thomas@monjalon.net>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
There are several func calls to rte_zmalloc() which don't do null
point check on the return value. And before return, the memory is not
freed. Fix it by adding null point check and rte_free().
Fixes: 1703e94ac5ce ("qat: add driver for QuickAssist devices")
Fixes: e09231eaa2af ("crypto/qat: add SGL capability")
Cc: stable@dpdk.org
Signed-off-by: Yong Wang <wang.yong19@zte.com.cn>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
The coverity issue was not completely fixed, since strncpy
should not be called with max length.
Instead, snprintf is used as a safer option.
Coverity issue: 143431
Fixes: d040aca67170 ("crypto/scheduler: fix strings not null terminated")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Keith Wiles <keith.wiles@intel.com>
Acked-by: Luca Boccassi <luca.boccassi@gmail.com>
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Keith Wiles <keith.wiles@intel.com>
Acked-by: Luca Boccassi <luca.boccassi@gmail.com>
Add in a crypto driver class, and implement compiling the null crypto
instance.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Keith Wiles <keith.wiles@intel.com>
Acked-by: Luca Boccassi <luca.boccassi@gmail.com>
dpaa2_sec/dpaa2_sec_dpseci.c:1287:25: error: implicit conversion from
enumeration type 'enum rte_crypto_aead_algorithm' to different enumeration
type 'enum rte_crypto_cipher_algorithm' [-Werror,-Wenum-conversion]
session->cipher_alg = RTE_CRYPTO_AEAD_AES_GCM;
Fixes: 13273250eec5 ("crypto/dpaa2_sec: support AES-GCM and CTR")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Issue detected by coverity. Could never actually cause a
problem as truncated value (0x7f7f7f7f->0x7f) is what's needed.
But fix in code for correctness.
Coverity issue: 194998
Fixes: 571365dd4c5e ("crypto/qat: enable Rx head writes coalescing")
Cc: stable@dpdk.org
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
If auth algorithm is RTE_CRYPTO_AUTH_NULL and digest_length is 0
in the xform and digest pointer is set in the op, then
the PMD may overwrite memory at the digest pointer.
With this patch the memory is not overwritten.
Fixes: db0e952a5c01 ("crypto/qat: add NULL capability")
Cc: stable@dpdk.org
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
This commit fixes right cast from qat_cipher_get_block_size
function. This function can return -EFAULT in case of
any error, and that value must be cast to int instead of uint8_t
Fixes: d18ab45f7654 ("crypto/qat: support DOCSIS BPI mode")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This commit fixes
- bpi_cipher_encrypt to prevent before 'array subscript is
above array bounds' error
- bpi_cipher_decrypt to prevent before 'array subscript is
above array bounds' error
Fixes: d18ab45f7654 ("crypto/qat: support DOCSIS BPI mode")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Seen with GCC 7.2.0, a switch fall through is detected and
cannot be fixed with a fall-through comment or attribute:
drivers/crypto/dpaa2_sec/hw/rta/operation_cmd.h:89:6: error:
this statement may fall through [-Werror=implicit-fallthrough=]
if (rta_sec_era < RTA_SEC_ERA_2)
^
The check is disabled in dpaa2_sec Makefile but not in dpaa_sec Makefile
which uses source code shared by dpaa2_sec.
The workaround is to disable the check at the beginning of the file.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Add checks during build to ensure that all symbols in the EXPERIMENTAL
version map section have __experimental tags on their definitions, and
enable the warnings needed to announce their use. Also add an
ALLOW_EXPERIMENTAL_APIS define to allow individual libraries and files
to declare the acceptability of experimental api usage
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
Two macros were defined in cryptodev, to serve the same
purpose: RTE_CRYPTODEV_NAME_LEN (in the config file) and
RTE_CRYPTODEV_NAME_MAX_LEN (in the rte_cryptodev.h file).
Since the second one is part of the external API,
the first one has been removed, avoiding duplications.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Tomasz Duszynski <tdu@semihalf.com>
