From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 4E8C47D18 for ; Fri, 18 Aug 2017 17:21:04 +0200 (CEST) Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Aug 2017 08:20:55 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.41,393,1498546800"; d="scan'208";a="301831066" Received: from silpixa00399464.ir.intel.com (HELO silpixa00399464.ger.corp.intel.com) ([10.237.222.157]) by fmsmga004.fm.intel.com with ESMTP; 18 Aug 2017 08:20:53 -0700 From: Pablo de Lara To: declan.doherty@intel.com, jerin.jacob@caviumnetworks.com Cc: dev@dpdk.org, Pablo de Lara Date: Fri, 18 Aug 2017 08:21:01 +0100 Message-Id: <20170818072103.1416-7-pablo.de.lara.guarch@intel.com> X-Mailer: git-send-email 2.9.4 In-Reply-To: <20170818072103.1416-1-pablo.de.lara.guarch@intel.com> References: <20170818072103.1416-1-pablo.de.lara.guarch@intel.com> Subject: [dpdk-dev] [PATCH 6/8] crypto/zuc: do not append digest X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Aug 2017 15:21:04 -0000 When performing an authentication verification, the PMD was using memory at the end of the input buffer, to store temporarily the digest. This operation requires the buffer to have enough tailroom unnecessarily. Instead, memory is allocated for each queue pair, to store temporarily the digest generated by the driver, so it can be compared with the one provided in the crypto operation, without needing to touch the input buffer. Signed-off-by: Pablo de Lara --- drivers/crypto/zuc/rte_zuc_pmd.c | 16 +++++----------- drivers/crypto/zuc/rte_zuc_pmd_private.h | 7 +++++++ 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/drivers/crypto/zuc/rte_zuc_pmd.c b/drivers/crypto/zuc/rte_zuc_pmd.c index b301711..2d8d641 100644 --- a/drivers/crypto/zuc/rte_zuc_pmd.c +++ b/drivers/crypto/zuc/rte_zuc_pmd.c @@ -42,7 +42,6 @@ #include "rte_zuc_pmd_private.h" -#define ZUC_DIGEST_LENGTH 4 #define ZUC_MAX_BURST 8 #define BYTE_LEN 8 @@ -258,7 +257,7 @@ process_zuc_cipher_op(struct rte_crypto_op **ops, /** Generate/verify hash from mbufs with same hash key. */ static int -process_zuc_hash_op(struct rte_crypto_op **ops, +process_zuc_hash_op(struct zuc_qp *qp, struct rte_crypto_op **ops, struct zuc_session *session, uint8_t num_ops) { @@ -285,8 +284,7 @@ process_zuc_hash_op(struct rte_crypto_op **ops, session->auth_iv_offset); if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) { - dst = (uint32_t *)rte_pktmbuf_append(ops[i]->sym->m_src, - ZUC_DIGEST_LENGTH); + dst = (uint32_t *)&qp->temp_digest; sso_zuc_eia3_1_buffer(session->pKey_hash, iv, src, @@ -295,10 +293,6 @@ process_zuc_hash_op(struct rte_crypto_op **ops, if (memcmp(dst, ops[i]->sym->auth.digest.data, ZUC_DIGEST_LENGTH) != 0) ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED; - - /* Trim area used for digest from mbuf. */ - rte_pktmbuf_trim(ops[i]->sym->m_src, - ZUC_DIGEST_LENGTH); } else { dst = (uint32_t *)ops[i]->sym->auth.digest.data; @@ -327,16 +321,16 @@ process_ops(struct rte_crypto_op **ops, struct zuc_session *session, session, num_ops); break; case ZUC_OP_ONLY_AUTH: - processed_ops = process_zuc_hash_op(ops, session, + processed_ops = process_zuc_hash_op(qp, ops, session, num_ops); break; case ZUC_OP_CIPHER_AUTH: processed_ops = process_zuc_cipher_op(ops, session, num_ops); - process_zuc_hash_op(ops, session, processed_ops); + process_zuc_hash_op(qp, ops, session, processed_ops); break; case ZUC_OP_AUTH_CIPHER: - processed_ops = process_zuc_hash_op(ops, session, + processed_ops = process_zuc_hash_op(qp, ops, session, num_ops); process_zuc_cipher_op(ops, session, processed_ops); break; diff --git a/drivers/crypto/zuc/rte_zuc_pmd_private.h b/drivers/crypto/zuc/rte_zuc_pmd_private.h index b706e0a..a57b8cd 100644 --- a/drivers/crypto/zuc/rte_zuc_pmd_private.h +++ b/drivers/crypto/zuc/rte_zuc_pmd_private.h @@ -59,6 +59,8 @@ #endif #define ZUC_IV_KEY_LENGTH 16 +#define ZUC_DIGEST_LENGTH 4 + /** private data structure for each virtual ZUC device */ struct zuc_private { unsigned max_nb_queue_pairs; @@ -79,6 +81,11 @@ struct zuc_qp { /**< Session Mempool */ struct rte_cryptodev_stats qp_stats; /**< Queue pair statistics */ + uint8_t temp_digest[ZUC_DIGEST_LENGTH]; + /**< Buffer used to store the digest generated + * by the driver when verifying a digest provided + * by the user (using authentication verify operation) + */ } __rte_cache_aligned; enum zuc_operation { -- 2.9.4