The maximum length of job descriptor which is formed is 13 words and hence rta_inline_query should take care of the max descriptor(shared + job) lengths and thus find out of the key can be referenced or immediate. Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com> --- drivers/common/dpaax/caamflib/desc.h | 2 +- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 4 ++-- drivers/crypto/dpaa_sec/dpaa_sec.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/common/dpaax/caamflib/desc.h b/drivers/common/dpaax/caamflib/desc.h index e4139aaa9..635d6bad0 100644 --- a/drivers/common/dpaax/caamflib/desc.h +++ b/drivers/common/dpaax/caamflib/desc.h @@ -26,7 +26,7 @@ extern enum rta_sec_era rta_sec_era; #define CAAM_CMD_SZ sizeof(uint32_t) #define CAAM_PTR_SZ sizeof(dma_addr_t) #define CAAM_DESC_BYTES_MAX (CAAM_CMD_SZ * MAX_CAAM_DESCSIZE) -#define DESC_JOB_IO_LEN (CAAM_CMD_SZ * 5 + CAAM_PTR_SZ * 3) +#define DESC_JOB_IO_LEN (CAAM_CMD_SZ * 7 + CAAM_PTR_SZ * 3) /* Block size of any entity covered/uncovered with a KEK/TKEK */ #define KEK_BLOCKSIZE 16 diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index 60fdced78..c56fb2152 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -2192,7 +2192,7 @@ dpaa2_sec_aead_init(struct rte_cryptodev *dev, priv->flc_desc[0].desc[0] = aeaddata.keylen; err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, + DESC_JOB_IO_LEN, (unsigned int *)priv->flc_desc[0].desc, &priv->flc_desc[0].desc[1], 1); @@ -2416,7 +2416,7 @@ dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev, priv->flc_desc[0].desc[0] = cipherdata.keylen; priv->flc_desc[0].desc[1] = authdata.keylen; err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, + DESC_JOB_IO_LEN, (unsigned int *)priv->flc_desc[0].desc, &priv->flc_desc[0].desc[2], 2); diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index 01e79c8ea..5ce7e3582 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -351,7 +351,7 @@ dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses) cdb->sh_desc[0] = cipherdata.keylen; cdb->sh_desc[1] = authdata.keylen; err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, + DESC_JOB_IO_LEN, (unsigned int *)cdb->sh_desc, &cdb->sh_desc[2], 2); @@ -537,7 +537,7 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses) cdb->sh_desc[0] = alginfo_c.keylen; cdb->sh_desc[1] = alginfo_a.keylen; err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, + DESC_JOB_IO_LEN, (unsigned int *)cdb->sh_desc, &cdb->sh_desc[2], 2); -- 2.17.1
HFN is set as a uint32_t but the value retrieved is uint8_t. Fixed the type casting to get the correct value. Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com> --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index c56fb2152..109e61ae1 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -1,7 +1,7 @@ /* SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved. - * Copyright 2016-2019 NXP + * Copyright 2016-2020 NXP * */ @@ -164,7 +164,8 @@ build_proto_compound_sg_fd(dpaa2_sec_session *sess, * mbuf priv after sym_op. */ if (sess->ctxt_type == DPAA2_SEC_PDCP && sess->pdcp.hfn_ovd) { - uint32_t hfn_ovd = *((uint8_t *)op + sess->pdcp.hfn_ovd_offset); + uint32_t hfn_ovd = *(uint32_t *)((uint8_t *)op + + sess->pdcp.hfn_ovd_offset); /*enable HFN override override */ DPAA2_SET_FLE_INTERNAL_JD(ip_fle, hfn_ovd); DPAA2_SET_FLE_INTERNAL_JD(op_fle, hfn_ovd); @@ -239,7 +240,8 @@ build_proto_compound_fd(dpaa2_sec_session *sess, * mbuf priv after sym_op. */ if (sess->ctxt_type == DPAA2_SEC_PDCP && sess->pdcp.hfn_ovd) { - uint32_t hfn_ovd = *((uint8_t *)op + sess->pdcp.hfn_ovd_offset); + uint32_t hfn_ovd = *(uint32_t *)((uint8_t *)op + + sess->pdcp.hfn_ovd_offset); /*enable HFN override override */ DPAA2_SET_FLE_INTERNAL_JD(ip_fle, hfn_ovd); DPAA2_SET_FLE_INTERNAL_JD(op_fle, hfn_ovd); -- 2.17.1
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com> --- drivers/common/dpaax/caamflib/desc/pdcp.h | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h index 99eb0f71a..476115323 100644 --- a/drivers/common/dpaax/caamflib/desc/pdcp.h +++ b/drivers/common/dpaax/caamflib/desc/pdcp.h @@ -1,6 +1,6 @@ /* SPDX-License-Identifier: BSD-3-Clause or GPL-2.0+ * Copyright 2008-2013 Freescale Semiconductor, Inc. - * Copyright 2019 NXP + * Copyright 2019-2020 NXP */ #ifndef __DESC_PDCP_H__ @@ -3528,6 +3528,15 @@ cnstr_shdsc_pdcp_u_plane_decap(uint32_t *descbuf, KEY(p, KEY2, authdata->key_enc_flags, (uint64_t)authdata->key, authdata->keylen, INLINE_KEY(authdata)); + else if (authdata && authdata->algtype == 0) { + err = pdcp_insert_uplane_with_int_op(p, swap, + cipherdata, authdata, + sn_size, era_2_sw_hfn_ovrd, + OP_TYPE_DECAP_PROTOCOL); + if (err) + return err; + break; + } /* Insert Cipher Key */ KEY(p, KEY1, cipherdata->key_enc_flags, -- 2.17.1
In case of LX2160, PROTOCOL command can be used in some of the PDCP cases, in those the jump command prior to KEY command may not be required. The issue observed due to these JUMP command on LX2160 is that, the CAAM gets stuck and the processing never get completed. The system becomes unusable. Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com> --- drivers/common/dpaax/caamflib/desc/pdcp.h | 51 ++++++++++++++--------- 1 file changed, 31 insertions(+), 20 deletions(-) diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h index 476115323..95d1416c2 100644 --- a/drivers/common/dpaax/caamflib/desc/pdcp.h +++ b/drivers/common/dpaax/caamflib/desc/pdcp.h @@ -1887,17 +1887,13 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, return -ENOTSUP; } - pkeyjump = JUMP(p, keyjump, LOCAL_JUMP, ALL_TRUE, SHRD | SELF | BOTH); - KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, - cipherdata->keylen, INLINE_KEY(cipherdata)); - KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, - INLINE_KEY(authdata)); - - SET_LABEL(p, keyjump); - if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || (rta_sec_era == RTA_SEC_ERA_10)) { int pclid; + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, + INLINE_KEY(authdata)); if (sn_size == PDCP_SN_SIZE_5) pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; @@ -1931,6 +1927,13 @@ pdcp_insert_cplane_snow_zuc_op(struct program *p, } + pkeyjump = JUMP(p, keyjump, LOCAL_JUMP, ALL_TRUE, SHRD | SELF | BOTH); + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, + INLINE_KEY(authdata)); + + SET_LABEL(p, keyjump); SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); MOVEB(p, MATH0, offset, IFIFOAB2, 0, length, IMMED); @@ -2008,15 +2011,13 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, return -ENOTSUP; } - pkeyjump = JUMP(p, keyjump, LOCAL_JUMP, ALL_TRUE, SHRD | SELF | BOTH); - KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, - cipherdata->keylen, INLINE_KEY(cipherdata)); - KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, - INLINE_KEY(authdata)); - if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || (rta_sec_era == RTA_SEC_ERA_10)) { int pclid; + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, + INLINE_KEY(authdata)); if (sn_size == PDCP_SN_SIZE_5) pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; @@ -2050,8 +2051,14 @@ pdcp_insert_cplane_aes_zuc_op(struct program *p, return -ENOTSUP; } + pkeyjump = JUMP(p, keyjump, LOCAL_JUMP, ALL_TRUE, SHRD | SELF | BOTH); + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, + INLINE_KEY(authdata)); SET_LABEL(p, keyjump); + SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); MOVEB(p, MATH0, offset, IFIFOAB2, 0, length, IMMED); @@ -2132,15 +2139,13 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, return -ENOTSUP; } - pkeyjump = JUMP(p, keyjump, LOCAL_JUMP, ALL_TRUE, SHRD | SELF | BOTH); - KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, - cipherdata->keylen, INLINE_KEY(cipherdata)); - KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, - INLINE_KEY(authdata)); - if ((rta_sec_era >= RTA_SEC_ERA_8 && sn_size != PDCP_SN_SIZE_18) || (rta_sec_era == RTA_SEC_ERA_10)) { int pclid; + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, + INLINE_KEY(authdata)); if (sn_size == PDCP_SN_SIZE_5) pclid = OP_PCLID_LTE_PDCP_CTRL_MIXED; @@ -2174,6 +2179,12 @@ pdcp_insert_cplane_zuc_snow_op(struct program *p, return -ENOTSUP; } + pkeyjump = JUMP(p, keyjump, LOCAL_JUMP, ALL_TRUE, SHRD | SELF | BOTH); + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, authdata->keylen, + INLINE_KEY(authdata)); + SET_LABEL(p, keyjump); SEQLOAD(p, MATH0, offset, length, 0); JUMP(p, 1, LOCAL_JUMP, ALL_TRUE, CALM); -- 2.17.1
Series- Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com> -----Original Message----- From: Akhil Goyal <akhil.goyal@nxp.com> Sent: Tuesday, July 7, 2020 12:05 AM To: dev@dpdk.org; Hemant Agrawal <hemant.agrawal@nxp.com> Cc: Akhil Goyal <akhil.goyal@nxp.com> Subject: [PATCH 1/4] crypto/dpaax_sec: fix inline query for descriptors The maximum length of job descriptor which is formed is 13 words and hence rta_inline_query should take care of the max descriptor(shared + job) lengths and thus find out of the key can be referenced or immediate. Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com> --- drivers/common/dpaax/caamflib/desc.h | 2 +- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 4 ++-- drivers/crypto/dpaa_sec/dpaa_sec.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/common/dpaax/caamflib/desc.h b/drivers/common/dpaax/caamflib/desc.h index e4139aaa9..635d6bad0 100644 --- a/drivers/common/dpaax/caamflib/desc.h +++ b/drivers/common/dpaax/caamflib/desc.h @@ -26,7 +26,7 @@ extern enum rta_sec_era rta_sec_era; #define CAAM_CMD_SZ sizeof(uint32_t) #define CAAM_PTR_SZ sizeof(dma_addr_t) #define CAAM_DESC_BYTES_MAX (CAAM_CMD_SZ * MAX_CAAM_DESCSIZE) -#define DESC_JOB_IO_LEN (CAAM_CMD_SZ * 5 + CAAM_PTR_SZ * 3) +#define DESC_JOB_IO_LEN (CAAM_CMD_SZ * 7 + CAAM_PTR_SZ * 3) /* Block size of any entity covered/uncovered with a KEK/TKEK */ #define KEK_BLOCKSIZE 16 diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index 60fdced78..c56fb2152 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -2192,7 +2192,7 @@ dpaa2_sec_aead_init(struct rte_cryptodev *dev, priv->flc_desc[0].desc[0] = aeaddata.keylen; err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, + DESC_JOB_IO_LEN, (unsigned int *)priv->flc_desc[0].desc, &priv->flc_desc[0].desc[1], 1); @@ -2416,7 +2416,7 @@ dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev, priv->flc_desc[0].desc[0] = cipherdata.keylen; priv->flc_desc[0].desc[1] = authdata.keylen; err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, + DESC_JOB_IO_LEN, (unsigned int *)priv->flc_desc[0].desc, &priv->flc_desc[0].desc[2], 2); diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index 01e79c8ea..5ce7e3582 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -351,7 +351,7 @@ dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses) cdb->sh_desc[0] = cipherdata.keylen; cdb->sh_desc[1] = authdata.keylen; err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, + DESC_JOB_IO_LEN, (unsigned int *)cdb->sh_desc, &cdb->sh_desc[2], 2); @@ -537,7 +537,7 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses) cdb->sh_desc[0] = alginfo_c.keylen; cdb->sh_desc[1] = alginfo_a.keylen; err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, + DESC_JOB_IO_LEN, (unsigned int *)cdb->sh_desc, &cdb->sh_desc[2], 2); -- 2.17.1
> Series-
> Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
>
> -----Original Message-----
> From: Akhil Goyal <akhil.goyal@nxp.com>
> Sent: Tuesday, July 7, 2020 12:05 AM
> To: dev@dpdk.org; Hemant Agrawal <hemant.agrawal@nxp.com>
> Cc: Akhil Goyal <akhil.goyal@nxp.com>
> Subject: [PATCH 1/4] crypto/dpaax_sec: fix inline query for descriptors
>
> The maximum length of job descriptor which is formed is 13 words and hence
> rta_inline_query should take care of the max descriptor(shared + job) lengths
> and thus find out of the key can be referenced or immediate.
>
> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
> ---
Added Fixes in commit logs.
Fixes: 05b12700cd4c ("crypto/dpaa_sec: support null algos for protocol offload")
Fixes: 13273250eec5 ("crypto/dpaa2_sec: support AES-GCM and CTR")
Cc: stable@dpdk.org
Applied to dpdk-next-crypto
>
> HFN is set as a uint32_t but the value retrieved is
> uint8_t. Fixed the type casting to get the correct value.
>
> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
> ---
Updated Fixes while applying patches.
Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")
Fixes: af61f0750948 ("crypto/dpaa2_sec: support scatter gather for proto offloads")
Cc: stable@dpdk.org
Updated patch description
In cases of NULL auth in PDCP, the desciptors
should be based on ALGORITHM command instead of
PROTOCOL command.
It was done in case of encap, but was missing in
decap.
Fixes: 526cdf60f1e5 ("crypto/dpaa2_sec: update desc for PDCP 18-bit enc-auth")
Cc: stable@dpdk.org
>
> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
> ---