Caught by compiling with -fno-common.
A ____cacheline_aligned symbol can be found in the crypto/ccp driver
object files.
Looking at this driver source, the ____cacheline_aligned (kernel?)
alignment macro is undefined.
The compiler treats this as a symbol definition and generates a global
symbol.
Fixes: ef4b04f87fa6 ("crypto/ccp: support device init")
Cc: stable@dpdk.org
Signed-off-by: David Marchand <david.marchand@redhat.com>
Like for OCTEON TX, the OCTEON TX2 crypto engines must
first be unbound from their kernel module, then rebound to
vfio-pci, before being used in DPDK.
As this capability is detected at runtime by dpdk-pmdinfo,
add the info in the PMD registering directives.
Then an external script can be used for bind and unbind.
Fixes: 2f8a1b963eb77 ("crypto/octeontx2: add PMD skeleton")
Cc: stable@dpdk.org
Signed-off-by: Thierry Herbelot <thierry.herbelot@6wind.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
The header file rte_config.h is always included by make or meson.
If required in an exported API header file, it must be included
in the public header file for external applications.
In the internal files, explicit include of rte_config.h is useless,
and can be removed.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Matan Azrad <matan@mellanox.com>
Acked-by: David Marchand <david.marchand@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
OCTEON TX2 crypto PMD supports digest lengths from 4 to 16 bytes
with new firmware.
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Add support for CPU crypto mode by introducing required handler.
Authenticated encryption and decryption are supported with tag
generation/verification.
CPU crypto support include both AES-GCM and GMAC algorithms.
Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Adding the infrastructure to save one opaque pointer in idev and
implement the consumer-producer in the PMDs which uses it accordingly.
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
For enabling outbound inline IPsec, a CPT queue needs to be tied
to a NIX PF_FUNC. Distribute CPT queues fairly among all available
otx2 eth ports.
For inbound, one CPT LF will be assigned and initialized by kernel.
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch reorganize the members of a structure
used by driver in its data-path to improve
performance.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
DPAA sec driver is using virtual to physical address
translation in its data path and driver is using
dpaax_iova_table_update() API in every address translation
which is very costly.
This patch moves dpaax_iova_table_update() calling to rte_dpaa_mem_ptov(),
only if it fails to found translation from DPAAX table.
Fixes: 12e5842945bf ("crypto/dpaa_sec: fix IOVA table")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Add a new CCP PCI device ID for supporting V1000/R1000 processors.
Signed-off-by: Selwin Sebastian <selwin.sebastian@amd.com>
Acked-by: Ravi Kumar <ravi1.kumar@amd.com>
Armv8 crypto PMD linked to armv8_crypto library created by Marvell.
Maintenance of armv8_crypto library will be discontinued.
Change Armv8 PMD to link to AArch64 crypto library hosted by Arm.
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
Reviewed-by: Ola Liljedahl <ola.liljedahl@arm.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Link against Intel IPsec Multi-buffer library, which
added support for SNOW3G-UEA2 and SNOW3G-UIA2 from version v0.53,
moving from libSSO SNOW3G library.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Link against Intel IPsec Multi-buffer library, which
added support for KASUMI-F8 and KASUMI-F9 from version v0.53,
moving from libSSO KASUMI library.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Link against Intel IPsec Multi-buffer library, which
added support for ZUC-EEA3 and ZUC-EIA3 from version v0.53,
moving from libSSO ZUC library.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
API makes think that rte_cryptodev_info_get() cannot return
a value >= 3 (RTE_CRYPTO_AEAD_LIST_END in 19.11).
20.02-rc1 was returning 3 (RTE_CRYPTO_AEAD_CHACHA20_POLY1305).
So the ABI compatibility contract was broken.
It could be solved with some function versioning,
but because a lack of time, the feature is reverted for now.
This reverts following commits:
- 6c9f3b347e21 ("cryptodev: add Chacha20-Poly1305 AEAD algorithm")
- 2c512e64d600 ("crypto/qat: support Chacha Poly")
- d55e01f579e1 ("test/crypto: add Chacha Poly cases")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
This patch implements handling mixed encrypted digest hash-cipher
requests (e.g. SNOW3G + ZUC or ZUC + AES CTR) possible when running
on GEN3 QAT. Such algorithm combinations are not supported on
GEN1/GEN2 hardware.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This patch adds minimum enqueue threshold to Intel
QuickAssist Technology PMD.
It is an optimisation, configured by a command line option,
which can be used to reduce MMIO write occurrences.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Add support for asymmetric operation EC Point Multiplication,
in crypto_octeontx PMD.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Balakrishna Bhamidipati <bbhamidipati@marvell.com>
Signed-off-by: Sunila Sahu <ssahu@marvell.com>
CCP can support varied digest sizes ranging from 1 to some max value
But the current code support only fixed max values.
This patch updates the minimum digest sizes to 1
Fixes: e0d88a394e ("crypto/ccp: support run-time CPU based auth")
Cc: stable@dpdk.org
Signed-off-by: Amaranath Somalapuram <asomalap@amd.com>
CCP driver was scheduling only one CCP in a single burst(enqueue).
Effective throughput was limited to 1 CCP performance.
Scheduling multiple ccp within one burst will increase the ccp performance.
this changes will divide the enqueue packets equally among the multiple CCP
Fixes: e0d88a394e ("crypto/ccp: support run-time CPU based auth")
Cc: stable@dpdk.org
Signed-off-by: Amaranath Somalapuram <asomalap@amd.com>
when ccp_auth_opt=1 is set and if authentication error occurred,
ccp driver crash. The enqueue referance count nb_ops miss match
with dequeue nb_ops on authentication error.
Fixes: e0d88a394e ("crypto/ccp: support run-time CPU based auth")
Cc: stable@dpdk.org
Signed-off-by: Amaranath Somalapuram <asomalap@amd.com>
CCP driver crash when running l2fwd
issue happen when changing MAX_PKT_BURST 32 to 256
increasing the CCP qp to 8 and CCP_MAX_BURST to 256
Fixes: ef4b04f87f ("crypto/ccp: support device init")
Cc: stable@dpdk.org
Signed-off-by: Amaranath Somalapuram <asomalap@amd.com>
Merge all versions in linker version script files to DPDK_20.0.
This commit was generated by running the following command:
:~/DPDK$ buildtools/update-abi.sh 20.0
Signed-off-by: Pawel Modrak <pawelx.modrak@intel.com>
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
Since the library versioning for both stable and experimental ABI's is
now managed globally, the LIBABIVER and version variables no longer
serve any useful purpose, and can be removed.
The replacement in Makefiles was done using the following regex:
^(#.*\n)?LIBABIVER\s*:=\s*\d+\n(\s*\n)?
(LIBABIVER := numbers, optionally preceded by a comment and optionally
succeeded by an empty line)
The replacement for meson files was done using the following regex:
^(#.*\n)?version\s*=\s*\d+\n(\s*\n)?
(version = numbers, optionally preceded by a comment and optionally
succeeded by an empty line)
[David]: those variables are manually removed for the files:
- drivers/common/qat/Makefile
- lib/librte_eal/meson.build
[David]: the LIBABIVER is restored for the external ethtool example
library.
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
As per current support, Scatter Gather is only supported
for out of place input and output buffers.
This patch add support for Scatter Gather for in-place buffers.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Session contexts are used for temporary storage when processing a
packet.
If packets for the same session are to be processed simultaneously on
multiple cores, separate contexts must be used.
Note: with openssl 1.1.1 EVP_CIPHER_CTX can no longer be defined as a
variable on the stack: it must be allocated. This in turn reduces the
performance.
Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org
Signed-off-by: Thierry Herbelot <thierry.herbelot@6wind.com>
This patch usages the anti replay window size to config
the anti replay checking in decap path for lookaside
IPSEC offload
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The protocol aware ipsec descriptor has been modified to
use ctr_initial value of 1 and salt configured for ipsec SA.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
As per RFC3686, the initial aes-ctr counter value should be '1' for use
in ipsec. The patches changes SEC descriptor for using correct counter
value. In addition, it drops a redundant parameter for passing IV while
creating the descriptor.
This patch adds changes for all NXP crypto PMDs
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch throw the warning when using truncated digest
len for SHA256 case.
As per RFC4868, SHA-256 should use 128 bits of ICV.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch add support for AES-128-GCM, when used in
lookaside protocol offload case.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
These are supported when using protocol offload mode or when
in chain mode.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
These are supported when using protocol offload mode or in chain mode.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
set the pdcp capa_flags to 0 by default.
Fixes: a1173d55598c ("crypto/dpaa_sec: support PDCP offload")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
