GCC 12 raises the following warning:
In function '_mm_storeu_si128',
inlined from 'rte_mov16' at
../lib/eal/x86/include/rte_memcpy.h:508:2,
inlined from 'rte_mov128' at
../lib/eal/x86/include/rte_memcpy.h:542:2,
inlined from 'rte_memcpy_generic' at
../lib/eal/x86/include/rte_memcpy.h:732:4,
inlined from 'rte_memcpy' at
../lib/eal/x86/include/rte_memcpy.h:882:10,
inlined from 'qat_sym_do_precomputes.constprop' at
../drivers/crypto/qat/qat_sym_session.c:1434:2:
/usr/lib/gcc/x86_64-pc-linux-gnu/12.1.1/include/emmintrin.h:739:8: error:
array subscript 8 is outside array bounds of 'unsigned char[128]'
[-Werror=array-bounds]
739 | *__P = __B;
| ~~~~~^~~~~
../drivers/crypto/qat/qat_sym_session.c:
In function 'qat_sym_do_precomputes.constprop':
../drivers/crypto/qat/qat_sym_session.c:1305:17: note:
at offset 192 into object 'opad.750' of size 128
1305 | uint8_t
opad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)];
| ^~~~
../drivers/crypto/qat/qat_sym_session.c:
In function 'qat_sym_do_precomputes.constprop':
../drivers/crypto/qat/qat_sym_session.c:1304:17: note:
at offset 128 into object 'ipad.749' of size 128
1304 | uint8_t
ipad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)];
| ^~~~
Added a check to prevent compiler warnings.
Fixes: 1703e94ac5 ("qat: add driver for QuickAssist devices")
Cc: stable@dpdk.org
Signed-off-by: Amit Prakash Shukla <amitprakashs@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Some cryptographic algorithms such as MD5 and DES are now considered legacy
and not enabled by default in OpenSSL 3.0. Load up legacy provider as MD5
DES are needed in QAT session pre-computes and secure session creation.
Fixes: 3227bc7138 ("crypto/qat: use intel-ipsec-mb for partial hash and AES")
Cc: stable@dpdk.org
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Arm port of ipsec_mb library [1] has different header file name than
the Intel ipsec_mb library. Proper header name is picked according to
the architecture to get the code compile when ipsec_mb is installed on
Arm platform.
And the Arm port currently supports ZUC and SNOW3g. Call to other
algorithms will be blocked.
[1] https://gitlab.arm.com/arm-reference-solutions/ipsec-mb/-/tree/main
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Ashwin Sekhar T K <asekhar@marvell.com>
The pci bus interface is for drivers only.
Mark as internal and move the header in the driver headers list.
While at it, cleanup the code:
- fix indentation,
- remove unneeded reference to bus specific singleton object,
- remove unneeded list head structure type,
- reorder the definitions and macro manipulating the bus singleton object,
- remove inclusion of rte_bus.h and fix the code that relied on implicit
inclusion,
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Rosen Xu <rosen.xu@intel.com>
Currently when running the dpdk-perf-test with DOCSIS
security sessions, a segmentation fault occurs. This
is due to the check being made that the session is not
equal to op->sym->sec_session. This check passes the
first time but on the second iteration fails and doesn't
create the build_request.
This commit fixes that error by getting the ctx first
from the private session data and then comparing ctx,
rather than op->sym->sec_session, with the sess.
Fixes: fb3b9f4922 ("crypto/qat: rework burst data path")
Cc: stable@dpdk.org
Signed-off-by: Rebecca Troy <rebecca.troy@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
Currently if AES or DES algorithms fail for DOCSIS test suite,
a segmentation fault occurs when cryptodev_qat_autotest is ran.
This is due to a duplicate call of EVP_CIPHER_CTX_free for the
session context. Ctx is freed firstly in the bpi_cipher_ctx_init
function and then again at the end of qat_sym_session_configure_cipher
function.
This commit fixes this bug by removing the first instance
of EVP_CIPHER_CTX_free, leaving just the dedicated function in
the upper level to free the ctx.
Fixes: 98f0608916 ("crypto/qat: add symmetric session file")
Cc: stable@dpdk.org
Signed-off-by: Rebecca Troy <rebecca.troy@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Since openssl 3.0 now deprecates the low level API QAT required to
perform partial hash & AES operation when creating the session. This
patch add in qat_ipsec_mb_lib driver parameter to allow QAT PMD to
switch APIs between openssl and intel ipsec-mb library.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>
This commit fixes missing guards for size of memcpy,
it is needed to prevent faulty access when incorrect length
passed from the user.
Fixes: 3b78aa7b23 ("crypto/qat: refactor asymmetric crypto functions")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Full cookie data should be cleared by default if not algorithm
specified. This is protection in case algorithm specific cleanup
is not implemented.
Fixes: 3b78aa7b23 ("crypto/qat: refactor asymmetric crypto functions")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
- move RSA padding into separate struct.
More padding members should be added into padding,
therefore having separate struct for padding parameters will
make this more readable.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
This commit unifies macros for asymmetric parameters,
therefore making code easier to maintain.
It additionally changes some of PMD output logs that
right now can only be seen in debug mode.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This commit enables asymmetric crypto in generation four
devices (4xxx).
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
This patch fix the cipher & auth offset and length values when convert
mbuf to vector chain for QAT build op.
Fixes: a815a04cea ("crypto/qat: support symmetric build op request")
Cc: stable@dpdk.org
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
The API of the OpenSSL library has changed with version 3.0. This results
in a lot of compiler warnings like
../dpdk/drivers/crypto/ccp/ccp_crypto.c:182:9:
warning: ‘SHA256_Transform’ is deprecated:
Since OpenSSL 3.0 [-Wdeprecated-declarations]
As many Linux distributions still use elder OpenSSL libraries we cannot
change the used API now. Instead define OPENSSL_API_COMPAT to indicate
that we are using the OpenSSL 1.1.0 API.
OPENSSL_API_COMPAT is introduced in *.c files and not in *.h files as some
*.c files directly include OpenSSL headers.
Fixes: d61f70b4c9 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Daxue Gao <daxuex.gao@intel.com>
Tested-by: David Marchand <david.marchand@redhat.com>
Acked-by: Kai Ji <kai.ji@intel.com>
This patch fix the memory corruptions issue reported by
coverity. The process type handling in QAT PMDs where only
primary and secondary process are supported in qat build
request.
Coverity issue: 376551, 376570, 376534
Fixes: fb3b9f4922 ("crypto/qat: rework burst data path")
Signed-off-by: Kai Ji <kai.ji@intel.com>
This patch fixes not working cases when modulus is
smaller than other arguments.
Fixes: 3b78aa7b23 ("crypto/qat: refactor asymmetric crypto functions")
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch refactors asymmetric session in Intel
QuickAssist Technology PMD and fixes some issues
with xform. Code will be now bit more scalable,
and easier readable.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
This commit refactors asummetric crypto functions
in Intel QuickAssist Technology PMD.
Functions right now are shorter and far easier readable,
plus it facilitates addition of new algorithms.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
This patch unifies QAT's raw dp api implementations
to the same enqueue/dequeue methods used in crypto operations.
The specific functions for different QAT generation are updated
respectively. The qat_sym_hw_dp.c is removed as no longer required.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch enable the op_build_request function in
qat_enqueue_op_burst, and the qat_dequeue_process_response
function in qat_dequeue_op_burst.
The op_build_request invoked in crypto build request op is based
on crypto operations setup'd during session init.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch removes qat_asym_pmd.c and integrates all the
functions into qat_asym.c. The unified/integrated asym crypto
pmd functions should make them easier to maintain.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch removes qat_sym_pmd.c and integrates all the functions into
qat_sym.c. The unified/integrated qat sym crypto pmd functions should
make them easier to maintain.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch reworks the asymmetric crypto data path
implementation in QAT driver. The changes include asymmetric
crypto data path separation for QAT hardware generations, and
code optimisation of the device capabilities declaration.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch introduces a set of set_session methods to QAT
generations. In addition, the reuse of QAT session between
generations is prohibit as the support of min_qat_dev_gen_id'
is removed.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch adds common inline functions for QAT symmetric
crypto driver to process crypto op, and the implementation of
build op request function for QAT generation 1.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch introduce build request and dequeue op function
pointers to the qat queue pair implementation. The function
pointers are assigned during qat session generation based on input
crypto operation request.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch fixes misspelled RTE_RSA_KEY_TYPE_QT,
this will prevent checkpach from complaining wherever
change to RSA is being made.
Fixes: 26008aaed1 ("cryptodev: add asymmetric xform and op definitions")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Rather than using a session buffer that contains pointers to private
session data elsewhere, have a single session buffer.
This session is created for a driver ID, and the mempool element
contains space for the max session private data needed for any driver.
Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
This patch fix the cipher params configuration in AEAD job if
QAT GEN4 unified cipher slice(UCS) enabled.
Fixes: 328d690d2f ("crypto/qat: update raw data path")
Cc: stable@dpdk.org
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Removing the use of driver following PMD as its unnecessary.
Cc: stable@dpdk.org
Signed-off-by: Sean Morrissey <sean.morrissey@intel.com>
Signed-off-by: Conor Fogarty <conor.fogarty@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>
Reviewed-by: Conor Walsh <conor.walsh@intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
This patch replaces the mixed QAT symmetric and asymmetric
support implementation by separate files with shared or
individual implementation for specific QAT generation.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>
This patch adds the symmetric and asymmetric crypto data
structure and function prototypes for different QAT
generations.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>
This patch unifies the QAT symmetric and asymmetric device
private data structures and functions.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>
This patch replaces the mixed QAT queue pair configuration
implementation by separate files with shared or individual
implementation for specific QAT generation.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
Signed-off-by: Przemyslaw Zegan <przemyslawx.zegan@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>
This commit fixes uncleared cookies issue when using
RSA algorithm.
Fixes: e2c5f4ea99 ("crypto/qat: support RSA in asym")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This commit fixes not set crypto op status when decrypting
with RSA algorithm.
Fixes: e2c5f4ea99 ("crypto/qat: support RSA in asym")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Remove the check and build failure from crypto/meson.build
in case building for Windows OS.
Add this check/failure in the meson.build file of each crypto PMD
that is not enforcing it to allow PMD support for Windows
per driver when applicable.
Signed-off-by: Tal Shnaiderman <talshn@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Invoke event_dev_probing_finish() function at the end of probing,
this function sets the function pointers in the fp_ops flat array
in case of secondary process.
For primary process, fp_ops is updated in rte_cryptodev_start().
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Matan Azrad <matan@nvidia.com>
This patch renames the sgl to src_sgl in struct rte_crypto_sym_vec
to help differentiating between source and destination sgl.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
The rte_cryptodev_pmd.* files are for drivers only and should be
private to DPDK, and not installed for app use.
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Fix return code when asymmetric crypto
or compression service is selected on GEN4 devices.
Fixes: 8f393c4ffd ("common/qat: support GEN4 devices")
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
