Add support for the HMAC SHA224 authentication algorithm.
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Reviewed-by: Natalie Samsonov <nsamsono@marvell.com>
Add missing rte_kvargs library dependency. Without that
shared library build fails due to unresolved rte_kvargs_* symbols.
Fixes: 25b05a1c806b ("crypto/mvsam: parse max number of sessions")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Add following features to the device's features list
and update documentation accordingly:
* OOP SGL in LB out
* OOP LB in LB out
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
This patch add the support for new Management Complex
Firmware version to 10.1x.x. One of the main changes in
the APIs ordered queue.
The fslmc bus lib ABI will need to be bumped to reflect
the MC FW API and structure changes.
This will also result in bumping of ABI verion of all dependent
libs as they internally use the MC FW APIs and structures.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
With this patch, fslmc bus and ethernet devices on this bus
would start using the physical-virtual library interfaces.
This patch impacts mempool/dpaa2, event/dpaa2, net/dpaa2,
raw/dpaa2_cmdif and raw/dpaa2_qdma as they are dependent
on the bus/fslmc and thus impact linkage of libraries.
Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
With this patch, dpaa bus and ethernet devices on this bus
would start using the physical-virtual library interfaces.
This patch impacts mempool/dpaa, event/dpaa and net/dpaa as
they are dependent on the bus/dpaa and thus impact linkage of
libraries.
Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
Code for session create is restructured to make scalable to
support different algorithms.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
OOP support for look aside protocol support is added.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
With this patch sequence number will be rolled over and
SEC block will ignore the sequence number overflow error.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
With this patch sequence number will be rolled over and
SEC block will ignore the sequence number overflow error.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
In dpaa_sec, there are unlimited queues, but in order
to match the DPDK handling of queue pairs, rx side queues
are still unlimited, but the application will see only limited
qp (tx queues) from dpaa_sec hw.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
hw flib code is updated as per the latest set of APIs and macros
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The full digest size of GCM/GMAC algorithms is 16 bytes.
However, it is sometimes truncated to a smaller size (such as in IPSec).
This commit allows a user to generate a digest of any size
up to the full size.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
When IV size is 12, padding to 16 bytes is required
and the LSB must be set to 1, according to the spec.
However, the Multi-buffer library is already doing this,
so it is not necessary to do it in the PMD.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
Add support for SHAx-HMAC key sizes larger than the block size.
For these sizes, the input key is digested with the non-HMAC
version of the algorithm and used as the key.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
The full digest size of CMAC algorithm is 16 bytes.
However, it is sometimes truncated to a smaller size (such as in IPSec).
This commit allows a user to generate a digest of any size
up to the full size.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
The truncated digest size for AES-CMAC is 12 and not 16,
as the Multi-buffer library can output both 12 and 16 bytes.
Fixes: 6491dbbecebb ("crypto/aesni_mb: support AES CMAC")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
When creating a crypto session, check if
ther requested digest size is supported for
AES-XCBC-MAC and AES-CCM.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
HMAC algorithms (MD5 and SHAx) have different full digest sizes.
However, they are often truncated to a smaller size (such as in IPSec).
This commit allows a user to generate a digest of any size
up to the full size.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
In order to process crypto operations in the AESNI MB PMD,
they need to be sent to the buffer manager of the Multi-buffer library,
through the "job" structure.
Currently, it is checked if there are outstanding operations to process
in the ring, before getting a new job. However, if there are no available
jobs in the manager, a flush operation needs to take place, freeing some
of the jobs, so it can be used for the outstanding operation.
In order to avoid leaving the dequeued operation without being processed,
the maximum number of operations that can be flushed is the remaining
operations to return, which is the maximum number of operations that can
be return minus the number of operations ready to be returned
(nb_ops - processed_jobs), minus 1 (for the new operation).
The problem comes when (nb_ops - processed_jobs) is 1 (last operation to
dequeue). In that case, flush_mb_mgr is called with maximum number of
operations equal to 0, which is wrong, causing a potential overrun in the
"ops" array.
Besides, the operation dequeued from the ring will be leaked, as no more
operations can be returned.
The solution is to first check if there are jobs available in the manager.
If there are not, flush operation gets called, and if enough operations
are returned from the manager, then no more outstanding operations get
dequeued from the ring, avoiding both the memory leak and the array
overrun.
If there are enough jobs, PMD tries to dequeue an operation from the ring.
If there are no operations in the ring, the new job pointer is not used,
and it will be used in the next get_next_job call, so no memory leak
happens.
Fixes: 0f548b50a160 ("crypto/aesni_mb: process crypto op on dequeue")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
This patch introduces necessary changes required by MUSDK 18.09 library.
* As of MUSDK 18.09, pp2_cookie_t is no longer available. Now
RX descriptor cookie is defined as plain u64 so existing cast
is no longer valid.
* MUSDK 18.09 increased number of available bpools (buffer hw pools) by
introducing dma regions support. Update mvpp2 driver accordingly.
* replace MV_NET_IP4_F_TOS with MV_NET_IP4_F_DSCP
Before this patch, API allowed to configure a classification rule
according to IPv4 TOS, which was not supported in classifier. This patch
fixes this by using proper field.
* use 48 bit address mask
We cannot get pointers exceeding 48 bits thus using 48 bit
mask for extracting higher IOVA address bits is enough.
Signed-off-by: Natalie Samsonov <nsamsono@marvell.com>
Signed-off-by: Yuval Caduri <cyuval@marvell.com>
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Reviewed-by: Shlomi Gridish <sgridish@marvell.com>
Reviewed-by: Alan Winkowski <walan@marvell.com>
Reviewed-by: Liron Himi <lironh@marvell.com>
Removing double copy of driver information. 04664e5c8346 has shifted
that from driver's probe to bus's probe.
Fixes: 04664e5c8346 ("drivers/bus: fill driver reference after NXP probing")
Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
This patch fixes sgl filling to handle offset
greater than first sgl segment
Fixes: 1947bd18580b ("compress/qat: support scatter-gather buffers")
Signed-off-by: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
- Add compat.h to make pmd compatible to openssl-1.1.0 and
backward version
- Add rsa sign/verify/encrypt/decrypt and modular operation
support
Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>
This patch adds packet-size-distr mode specific parameter parser
to support different threshold packet size value other than default
128 bytes.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch refactors the sgl struct so it includes a flexible
array of flat buffers as sym and compress PMDs can have
different size sgls.
Signed-off-by: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Put session private data back to mempool when clearing
a crypto session, which is expected to be done in the PMD.
Fixes: b7fa78c7d3b0 ("crypto/virtio: support session related ops")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Reviewed-by: Jay Zhou <jianjay.zhou@huawei.com>
Added extra case to support 8 byte key size
for 3DES CBC. Also changed capabilities to reflect
the change.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Added extra case to support 8 byte key size
for 3DES CBC. Also changed capabilities to reflect
the change.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Added support for 3DES cipher algorithm which
will support 8, 16 and 24 byte keys, which also has been
added in the v0.50 of the IPSec Multi-buffer lib.
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Adds support for the v0.50 of the IPsec Multi-buffer lib.
The library now exposes its version, with the idea
of maintaining backwards compatibility in the future,
avoiding breaking the compilation of the PMD every time
there is a new version available.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Adds support for the v0.50 of the IPsec Multi-buffer lib.
The library now exposes its version, with the idea
of maintaining backwards compatibility in the future,
avoiding breaking the compilation of the PMD every time
there is a new version available.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Instead of having a static field for the buffer manager
MB_MGR in the queue pair structure, use the provided API
that allocates memory for it and store a pointer to it.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
QAT driver checks byte alignment for KASUMI/SNOW 3G/ZUC algorithms using
cipher/auth_param, which are not initialized at this moment yet. Use
operation params instead.
Fixes: 39e0bee48e81 ("crypto/qat: rework request builder for performance")
Cc: stable@dpdk.org
Reported-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Add Makefiles, meson files, and empty source files for compression PMD.
Handle cases for building either symmetric crypto PMD
or compression PMD or both and the common files both depend on.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Signed-off-by: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
This patch add support for configurable vdqcr exact flag.
This boost the performance, however this can give
side effects for some extra packet fetch. Which has been
taken care in the patch as well.
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>
