This patch adds support for plain SHA-1, SHA-224, SHA-256,
SHA-384 and SHA-512 hashes to QAT PMD.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Add feature flag for symmetric sessionless support,
so it can be checked by applications.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Tested-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
When authenticating after encrypting, if the operation
is out-of-place, the destination buffer is the one
that will get authenticated.
If the cipher offset is higher than the authentication
offset, it means that part of the text to authenticate
will be plaintext, so this needs to get copied to the
destination buffer, or the result will be incorrect.
Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Add support for CPU crypto mode by introducing required handler.
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
This patch adds support for DOCSIS AES-256 when using AESNI-MB
Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
The four crypto drivers: kasumi, mvsam, snow3g and zuc define logtype
variables in their header file. As the header files are included
in more than one compilation unit, it might cause appearance
of multiple instances of the variable and a linker error.
Such situation can occur, when no common section is allowed
by the compiler settings and tentative definitions are placed
in BSS section.
Fixes: 2cba3814932e ("crypto/kasumi: add dynamic logging")
Fixes: a05a450f42fd ("crypto/mvsam: add dynamic logging")
Fixes: f3af5f9d1325 ("crypto/zuc: add dynamic logging")
Fixes: a3277ad47feb ("cryptodev: remove crypto device driver name")
Cc: stable@dpdk.org
Signed-off-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
The zlib compression driver, as well as the aesni-gcm, aesni-mb and openssl
crypto drivers all defined the logtype variable in the header file
directly. This gives errors with gcc 10, due to -fno-common being the
default, so we need to apply the same fix in all cases:
* move the variable definition to a suitable .c file
* mark the forward declaration of the variable in the header as "extern"
Fixes: 0c4e4c16b004 ("compress/zlib: introduce zlib PMD")
Fixes: 90c8a2d02a31 ("crypto/aesni_gcm: add dynamic logging")
Fixes: 276624ae2ef6 ("crypto/aesni_mb: add dynamic logging")
Fixes: 094b2386f461 ("crypto/openssl: add dynamic logging")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
This NULL check is unnecessary, container_of is never NULL.
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
There is a common macro __rte_unused, avoiding warnings,
which is now used where appropriate for consistency.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
There is a common macro __rte_packed for packing structs,
which is now used where appropriate for consistency.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
There is a common macro __rte_aligned for alignment,
which is now used where appropriate for consistency.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Reviewed-by: David Christensen <drc@linux.vnet.ibm.com>
Remove setting ALLOW_EXPERIMENTAL_API individually for each Makefile and
meson.build. Instead, enable ALLOW_EXPERIMENTAL_API flag across app, lib
and drivers.
This changes reduces the clutter across the project while still
maintaining the functionality of ALLOW_EXPERIMENTAL_API i.e. warning
external applications about experimental API usage.
Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
In nitrox_sym_pmd_create() the name array will overflow if the pci
device name is greater than 57 bytes. To fix this issue subtract pci
device name length from array length while appending substring to the
name.
Coverity issue: 349926
Fixes: 9fdef0cc2385 ("crypto/nitrox: create symmetric cryptodev")
Cc: stable@dpdk.org
Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
If the NPS_PKT ring/port is greater than 8191 the NPS_PKT*() macros will
evaluate to incorrect values due to unintended sign extension from int
to unsigned long. To fix this, add UL suffix to the constants in these
macros. The same problem is with AQMQ_QSZX() macro also.
Coverity issue: 349899, 349905, 349911, 349921, 349923
Fixes: 32e4930d5a3b ("crypto/nitrox: add hardware queue management")
Fixes: 0a8fc2423bff ("crypto/nitrox: introduce Nitrox driver")
Cc: stable@dpdk.org
Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch adds handling of mixed hash-cipher algorithms
available on GEN2 QAT in particular firmware versions.
Also the documentation is updated to show the mixed crypto
algorithms are supported on QAT GEN2.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
To detect if sgl, use nb_segs > 1, instead of checking for next pointer,
as nb_segs is in first cache-line while next is in second cache-line.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Improve case where application set m_dst to same as m_src
so really an in-place operation, though would have been treated
as out-of-place. No functional change but this path can now benefit
from DMA alignment.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
This commit removes unused function pointer (queue_pair_count)
from struct rte_cryptodev_ops. Related functions removed as well.
Signed-off-by: Artur Trybula <arturx.trybula@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
This patch adds support for DOCSIS AES-256 when using qat
Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
The EAL API (with doxygen documentation) is moved from
common/include/ to include/, which makes more clear that
it is the global API for all environments and architectures.
Note that the arch-specific and OS-specific include files are not
in this global include directory, but include/generic/ should
cover the doxygen documentation for them.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: David Marchand <david.marchand@redhat.com>
In the check for the version of intel-ipsec-mb library,
there is a backslash in front of the #include.
This backslash is for escaping the hash sign parsed as
a number sign in make.
Since make-4.3, escaping is not required for the number sign.
As a consequence, it resolves now to '\#':
syntax error near unexpected token `|'
`grep -e "IMB_VERSION_STR" \#include <intel-ipsec-mb.h> | cut -d'"' -f2'
syntax error near unexpected token `|'
`grep -e "IMB_VERSION_NUM" \#include <intel-ipsec-mb.h> | cut -d' ' -f3'
The makefiles are fixed by using a variable for the hash sign,
as recommended in make-4.3 changelog:
https://lists.gnu.org/archive/html/info-gnu/2020-01/msg00004.html
Fixes: 3067c8ce77ac ("crypto/aesni_mb: fix build with custom dependency path")
Fixes: 457b8e372975 ("crypto/aesni_gcm: check dependency version with make")
Fixes: bf6eb2c22fd1 ("crypto/kasumi: use IPsec library")
Fixes: 7c87e2d7b359 ("crypto/snow3g: use IPsec library")
Fixes: 61f7c988e39e ("crypto/zuc: use IPsec library")
Cc: stable@dpdk.org
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
GCC 10 defaults to -fno-common, this means a linker error will now be
reported if the same global variable is defined in more than one
compilation unit.
Fixes: 2f8a1b963eb7 ("crypto/octeontx2: add PMD skeleton")
Cc: stable@dpdk.org
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
When OpenSSL or AESNI-MB cryptodev is being used in sessionless mode
for symmetric crypto operation (e.g. SHA256 hash), the driver prints
error message:
CRYPTODEV: set_sym_session_private_data() line 489:
Set private data for driver 0 not allowed
Then, AESNI-MB driver segfaults in post_process_mb_job().
Bugzilla ID: 377
Fixes: b3bbd9e5f2 ("cryptodev: support device independent sessions")
Fixes: c68d7aa354 ("crypto/aesni_mb: use architecture independent macros")
Cc: stable@dpdk.org
Signed-off-by: Junxiao Shi <git@mail1.yoursunny.com>
Caught by compiling with -fno-common.
A ____cacheline_aligned symbol can be found in the crypto/ccp driver
object files.
Looking at this driver source, the ____cacheline_aligned (kernel?)
alignment macro is undefined.
The compiler treats this as a symbol definition and generates a global
symbol.
Fixes: ef4b04f87fa6 ("crypto/ccp: support device init")
Cc: stable@dpdk.org
Signed-off-by: David Marchand <david.marchand@redhat.com>
Like for OCTEON TX, the OCTEON TX2 crypto engines must
first be unbound from their kernel module, then rebound to
vfio-pci, before being used in DPDK.
As this capability is detected at runtime by dpdk-pmdinfo,
add the info in the PMD registering directives.
Then an external script can be used for bind and unbind.
Fixes: 2f8a1b963eb77 ("crypto/octeontx2: add PMD skeleton")
Cc: stable@dpdk.org
Signed-off-by: Thierry Herbelot <thierry.herbelot@6wind.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
The header file rte_config.h is always included by make or meson.
If required in an exported API header file, it must be included
in the public header file for external applications.
In the internal files, explicit include of rte_config.h is useless,
and can be removed.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Matan Azrad <matan@mellanox.com>
Acked-by: David Marchand <david.marchand@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
OCTEON TX2 crypto PMD supports digest lengths from 4 to 16 bytes
with new firmware.
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Add support for CPU crypto mode by introducing required handler.
Authenticated encryption and decryption are supported with tag
generation/verification.
CPU crypto support include both AES-GCM and GMAC algorithms.
Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Adding the infrastructure to save one opaque pointer in idev and
implement the consumer-producer in the PMDs which uses it accordingly.
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
For enabling outbound inline IPsec, a CPT queue needs to be tied
to a NIX PF_FUNC. Distribute CPT queues fairly among all available
otx2 eth ports.
For inbound, one CPT LF will be assigned and initialized by kernel.
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch reorganize the members of a structure
used by driver in its data-path to improve
performance.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
DPAA sec driver is using virtual to physical address
translation in its data path and driver is using
dpaax_iova_table_update() API in every address translation
which is very costly.
This patch moves dpaax_iova_table_update() calling to rte_dpaa_mem_ptov(),
only if it fails to found translation from DPAAX table.
Fixes: 12e5842945bf ("crypto/dpaa_sec: fix IOVA table")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Add a new CCP PCI device ID for supporting V1000/R1000 processors.
Signed-off-by: Selwin Sebastian <selwin.sebastian@amd.com>
Acked-by: Ravi Kumar <ravi1.kumar@amd.com>
Armv8 crypto PMD linked to armv8_crypto library created by Marvell.
Maintenance of armv8_crypto library will be discontinued.
Change Armv8 PMD to link to AArch64 crypto library hosted by Arm.
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
Reviewed-by: Ola Liljedahl <ola.liljedahl@arm.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Link against Intel IPsec Multi-buffer library, which
added support for SNOW3G-UEA2 and SNOW3G-UIA2 from version v0.53,
moving from libSSO SNOW3G library.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Link against Intel IPsec Multi-buffer library, which
added support for KASUMI-F8 and KASUMI-F9 from version v0.53,
moving from libSSO KASUMI library.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Link against Intel IPsec Multi-buffer library, which
added support for ZUC-EEA3 and ZUC-EIA3 from version v0.53,
moving from libSSO ZUC library.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
API makes think that rte_cryptodev_info_get() cannot return
a value >= 3 (RTE_CRYPTO_AEAD_LIST_END in 19.11).
20.02-rc1 was returning 3 (RTE_CRYPTO_AEAD_CHACHA20_POLY1305).
So the ABI compatibility contract was broken.
It could be solved with some function versioning,
but because a lack of time, the feature is reverted for now.
This reverts following commits:
- 6c9f3b347e21 ("cryptodev: add Chacha20-Poly1305 AEAD algorithm")
- 2c512e64d600 ("crypto/qat: support Chacha Poly")
- d55e01f579e1 ("test/crypto: add Chacha Poly cases")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
This patch implements handling mixed encrypted digest hash-cipher
requests (e.g. SNOW3G + ZUC or ZUC + AES CTR) possible when running
on GEN3 QAT. Such algorithm combinations are not supported on
GEN1/GEN2 hardware.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This patch adds minimum enqueue threshold to Intel
QuickAssist Technology PMD.
It is an optimisation, configured by a command line option,
which can be used to reduce MMIO write occurrences.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
