DPDK patches and discussions
 help / color / mirror / Atom feed
* [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
@ 2022-04-22  3:50 Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
                   ` (14 more replies)
  0 siblings, 15 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver allocates a fle buffer for each packet
before enqueue and free the buffer on dequeue. But in case if
there are enqueue failures, then code should free the fle buffers.

Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 35 ++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index e62d04852b..03fef5e500 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2021 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 
@@ -64,6 +64,27 @@ enum dpaa2_sec_dump_levels {
 uint8_t cryptodev_driver_id;
 uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP;
 
+static inline void
+free_fle(const struct qbman_fd *fd)
+{
+	struct qbman_fle *fle;
+	struct rte_crypto_op *op;
+	struct ctxt_priv *priv;
+
+#ifdef RTE_LIB_SECURITY
+	if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single)
+		return;
+#endif
+	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
+	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
+	/* free the fle memory */
+	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) {
+		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
+		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
+	} else
+		rte_free((void *)(fle-1));
+}
+
 #ifdef RTE_LIB_SECURITY
 static inline int
 build_proto_compound_sg_fd(dpaa2_sec_session *sess,
@@ -1513,6 +1534,12 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
@@ -1854,6 +1881,12 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 03/14] crypto/dpaa_sec: fix length for chain fd in raw sec driver Gagandeep Singh
                   ` (13 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Simple fd rely on bpid of the buffers whereas
other FD types can support buffers without bpid
of pool.

So moving the bpid check to simple fd to mbuf
conversion function.

Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 03fef5e500..2374d67978 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1566,6 +1566,10 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	int16_t diff = 0;
 	dpaa2_sec_session *sess_priv __rte_unused;
 
+	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
+		DPAA2_SEC_ERR("error: non inline buffer");
+		return NULL;
+	}
 	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
 		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size);
@@ -1612,11 +1616,6 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 	 * We can have a better approach to use the inline Mbuf
 	 */
 
-	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
-		/* TODO complete it. */
-		DPAA2_SEC_ERR("error: non inline buffer");
-		return NULL;
-	}
 	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
 
 	/* Prefeth op */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 03/14] crypto/dpaa_sec: fix length for chain fd in raw sec driver
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 04/14] crypto/dpaa2_sec: " Gagandeep Singh
                   ` (12 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

DPAA sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: 78156d38e112 ("crypto/dpaa_sec: support authonly and chain with raw API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
index 522685f8cf..29f4e6d40b 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <rte_byteorder.h>
@@ -397,8 +397,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 	unsigned int i;
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int data_len = 0, auth_len = 0, cipher_len = 0;
 
 	for (i = 0; i < sgl->num; i++)
@@ -406,6 +406,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 
 	if (sgl->num > MAX_SG_ENTRIES) {
 		DPAA_SEC_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
@@ -448,6 +450,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, dest_sgl->vec[i].iova);
 			sg->length = dest_sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	} else {
 		qm_sg_entry_set64(sg, sgl->vec[0].iova);
 		sg->length = sgl->vec[0].len - ofs.ofs.cipher.head;
@@ -460,6 +463,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, sgl->vec[i].iova);
 			sg->length = sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (is_encode(ses)) {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 04/14] crypto/dpaa2_sec: fix length for chain fd in raw sec driver
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 03/14] crypto/dpaa_sec: fix length for chain fd in raw sec driver Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 05/14] crypto/dpaa_sec: physically enable QI Gagandeep Singh
                   ` (11 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

DPAA2 sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: aa6ec1fd8443 ("crypto/dpaa2_sec: support authenc with raw buffer API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
index 74f2045637..e68a4875dd 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <cryptodev_pmd.h>
@@ -44,8 +44,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
 
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int icv_len = sess->digest_length;
 	uint8_t *old_icv;
 	uint8_t *iv_ptr = iv->va;
@@ -55,6 +55,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 	/* first FLE entry used to store session ctxt */
 	fle = (struct qbman_fle *)rte_malloc(NULL,
 			FLE_SG_MEM_SIZE(2 * sgl->num),
@@ -104,6 +106,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = dest_sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	} else {
 		/* Configure Output SGE for Encap/Decap */
 		DPAA2_SET_FLE_ADDR(sge, sgl->vec[0].iova);
@@ -117,6 +120,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (sess->dir == DIR_ENC) {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 05/14] crypto/dpaa_sec: physically enable QI
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (2 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 04/14] crypto/dpaa2_sec: " Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 06/14] crypto/dpaa_sec: replace use of old build macros Gagandeep Singh
                   ` (10 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

To perform crypto operations on DPAA platform,
QI interface of HW must be enabled.
Earlier DPAA crypto driver was dependent on
kernel for QI enable. Now with this patch
there is no such dependency on kernel.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 30 ++++++++++++++++++++++++++++--
 drivers/crypto/dpaa_sec/dpaa_sec.h |  6 ++++++
 2 files changed, 34 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index ed12d6663b..23a94d7e41 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2017-2021 NXP
+ *   Copyright 2017-2022 NXP
  *
  */
 
@@ -20,6 +20,7 @@
 #endif
 #include <rte_cycles.h>
 #include <rte_dev.h>
+#include <rte_io.h>
 #include <rte_ip.h>
 #include <rte_kvargs.h>
 #include <rte_malloc.h>
@@ -3654,9 +3655,35 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 	struct dpaa_sec_qp *qp;
 	uint32_t i, flags;
 	int ret;
+	void *cmd_map;
+	int map_fd = -1;
 
 	PMD_INIT_FUNC_TRACE();
 
+	internals = cryptodev->data->dev_private;
+	map_fd = open("/dev/mem", O_RDWR);
+	if (unlikely(map_fd < 0)) {
+		DPAA_SEC_ERR("Unable to open (/dev/mem)");
+		return map_fd;
+	}
+	internals->sec_hw = mmap(NULL, MAP_SIZE, PROT_READ | PROT_WRITE,
+			    MAP_SHARED, map_fd, SEC_BASE_ADDR);
+	if (internals->sec_hw == MAP_FAILED) {
+		DPAA_SEC_ERR("Memory map failed");
+		close(map_fd);
+		return -EINVAL;
+	}
+	cmd_map = (uint8_t *)internals->sec_hw +
+		  (BLOCK_OFFSET * QI_BLOCK_NUMBER) + CMD_REG;
+	if (!(be32_to_cpu(rte_read32(cmd_map)) & QICTL_DQEN))
+		/* enable QI interface */
+		rte_write32(cpu_to_be32(QICTL_DQEN), cmd_map);
+
+	ret = munmap(internals->sec_hw, MAP_SIZE);
+	if (ret)
+		DPAA_SEC_WARN("munmap failed\n");
+
+	close(map_fd);
 	cryptodev->driver_id = dpaa_cryptodev_driver_id;
 	cryptodev->dev_ops = &crypto_ops;
 
@@ -3673,7 +3700,6 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
 			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
 
-	internals = cryptodev->data->dev_private;
 	internals->max_nb_queue_pairs = RTE_DPAA_MAX_NB_SEC_QPS;
 	internals->max_nb_sessions = RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS;
 
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h
index b3f2258ead..8921e3ed89 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.h
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.h
@@ -10,6 +10,12 @@
 #define CRYPTODEV_NAME_DPAA_SEC_PMD	crypto_dpaa_sec
 /**< NXP DPAA - SEC PMD device name */
 
+#define SEC_BASE_ADDR		0x1700000
+#define MAP_SIZE		0x100000
+#define BLOCK_OFFSET		0x10000
+#define CMD_REG			0x4
+#define QICTL_DQEN		0x01
+#define QI_BLOCK_NUMBER		7
 #define MAX_DPAA_CORES		4
 #define NUM_POOL_CHANNELS	4
 #define DPAA_SEC_BURST		7
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 06/14] crypto/dpaa_sec: replace use of old build macros
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (3 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 05/14] crypto/dpaa_sec: physically enable QI Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 07/14] dpaax/caamflib: remove obsolete code Gagandeep Singh
                   ` (9 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Use the newer security macros defined by meson.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
index 29f4e6d40b..d081953e26 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
@@ -645,7 +645,7 @@ build_dpaa_raw_dp_cipher_fd(uint8_t *drv_ctx,
 	return cf;
 }
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 static inline struct dpaa_sec_job *
 build_dpaa_raw_proto_sg(uint8_t *drv_ctx,
 			struct rte_crypto_sgl *sgl,
@@ -1036,7 +1036,7 @@ dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
 		sess->build_raw_dp_fd = build_dpaa_raw_dp_chain_fd;
 	else if (sess->ctxt == DPAA_SEC_AEAD)
 		sess->build_raw_dp_fd = build_raw_cipher_auth_gcm_sg;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 	else if (sess->ctxt == DPAA_SEC_IPSEC ||
 			sess->ctxt == DPAA_SEC_PDCP)
 		sess->build_raw_dp_fd = build_dpaa_raw_proto_sg;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 07/14] dpaax/caamflib: remove obsolete code
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (4 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 06/14] crypto/dpaa_sec: replace use of old build macros Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 08/14] crypto/dpaa_sec : fix secondary process probe Gagandeep Singh
                   ` (8 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Remove sec era 1 to 7 IPsec and caam operations code
as none of the NXP platform use it.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/ipsec.h    | 34 +++-------------
 .../dpaax/caamflib/rta/fifo_load_store_cmd.h  | 15 -------
 .../common/dpaax/caamflib/rta/header_cmd.h    | 15 +------
 drivers/common/dpaax/caamflib/rta/jump_cmd.h  | 16 --------
 drivers/common/dpaax/caamflib/rta/key_cmd.h   | 12 ------
 drivers/common/dpaax/caamflib/rta/math_cmd.h  | 29 --------------
 drivers/common/dpaax/caamflib/rta/move_cmd.h  | 39 ++++---------------
 drivers/common/dpaax/caamflib/rta/nfifo_cmd.h |  6 ---
 .../common/dpaax/caamflib/rta/operation_cmd.h | 20 ----------
 .../common/dpaax/caamflib/rta/protocol_cmd.h  | 29 --------------
 10 files changed, 15 insertions(+), 200 deletions(-)

diff --git a/drivers/common/dpaax/caamflib/desc/ipsec.h b/drivers/common/dpaax/caamflib/desc/ipsec.h
index 668d21649d..8ec6aac915 100644
--- a/drivers/common/dpaax/caamflib/desc/ipsec.h
+++ b/drivers/common/dpaax/caamflib/desc/ipsec.h
@@ -774,14 +774,9 @@ cnstr_shdsc_ipsec_encap(uint32_t *descbuf, bool ps, bool swap,
 	COPY_DATA(p, pdb->ip_hdr, pdb->ip_hdr_len);
 	SET_LABEL(p, hdr);
 	pkeyjmp = JUMP(p, keyjmp, LOCAL_JUMP, ALL_TRUE, BOTH|SHRD);
-	if (authdata->keylen) {
-		if (rta_sec_era < RTA_SEC_ERA_6)
-			KEY(p, MDHA_SPLIT_KEY, authdata->key_enc_flags,
-			    authdata->key, authdata->keylen,
-			    INLINE_KEY(authdata));
-		else
-			__gen_auth_key(p, authdata);
-	}
+	if (authdata->keylen)
+		__gen_auth_key(p, authdata);
+
 	if (cipherdata->keylen)
 		KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key,
 		    cipherdata->keylen, INLINE_KEY(cipherdata));
@@ -841,14 +836,9 @@ cnstr_shdsc_ipsec_decap(uint32_t *descbuf, bool ps, bool swap,
 	__rta_copy_ipsec_decap_pdb(p, pdb, cipherdata->algtype);
 	SET_LABEL(p, hdr);
 	pkeyjmp = JUMP(p, keyjmp, LOCAL_JUMP, ALL_TRUE, BOTH|SHRD);
-	if (authdata->keylen) {
-		if (rta_sec_era < RTA_SEC_ERA_6)
-			KEY(p, MDHA_SPLIT_KEY, authdata->key_enc_flags,
-			    authdata->key, authdata->keylen,
-			    INLINE_KEY(authdata));
-		else
-			__gen_auth_key(p, authdata);
-	}
+	if (authdata->keylen)
+		__gen_auth_key(p, authdata);
+
 	if (cipherdata->keylen)
 		KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key,
 		    cipherdata->keylen, INLINE_KEY(cipherdata));
@@ -1248,12 +1238,6 @@ cnstr_shdsc_ipsec_new_encap(uint32_t *descbuf, bool ps,
 	LABEL(l2copy);
 	REFERENCE(pl2copy);
 
-	if (rta_sec_era < RTA_SEC_ERA_8) {
-		pr_err("IPsec new mode encap: available only for Era %d or above\n",
-		       USER_SEC_ERA(RTA_SEC_ERA_8));
-		return -ENOTSUP;
-	}
-
 	PROGRAM_CNTXT_INIT(p, descbuf, 0);
 	if (swap)
 		PROGRAM_SET_BSWAP(p);
@@ -1363,12 +1347,6 @@ cnstr_shdsc_ipsec_new_decap(uint32_t *descbuf, bool ps,
 	LABEL(hdr);
 	REFERENCE(phdr);
 
-	if (rta_sec_era < RTA_SEC_ERA_8) {
-		pr_err("IPsec new mode decap: available only for Era %d or above\n",
-		       USER_SEC_ERA(RTA_SEC_ERA_8));
-		return -ENOTSUP;
-	}
-
 	PROGRAM_CNTXT_INIT(p, descbuf, 0);
 	if (swap)
 		PROGRAM_SET_BSWAP(p);
diff --git a/drivers/common/dpaax/caamflib/rta/fifo_load_store_cmd.h b/drivers/common/dpaax/caamflib/rta/fifo_load_store_cmd.h
index 287e09cd75..51d54deb16 100644
--- a/drivers/common/dpaax/caamflib/rta/fifo_load_store_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/fifo_load_store_cmd.h
@@ -68,11 +68,6 @@ rta_fifo_load(struct program *program, uint32_t src,
 			pr_err("SEQ FIFO LOAD: Invalid command\n");
 			goto err;
 		}
-		if ((rta_sec_era <= RTA_SEC_ERA_5) && (flags & AIDF)) {
-			pr_err("SEQ FIFO LOAD: Flag(s) not supported by SEC Era %d\n",
-			       USER_SEC_ERA(rta_sec_era));
-			goto err;
-		}
 		if ((flags & VLF) && ((flags & EXT) || (length >> 16))) {
 			pr_err("SEQ FIFO LOAD: Invalid usage of VLF\n");
 			goto err;
@@ -244,11 +239,6 @@ rta_fifo_store(struct program *program, uint32_t src,
 			goto err;
 		}
 	}
-	if ((rta_sec_era == RTA_SEC_ERA_7) && (src == AFHA_SBOX)) {
-		pr_err("FIFO STORE: AFHA S-box not supported by SEC Era %d\n",
-		       USER_SEC_ERA(rta_sec_era));
-		goto err;
-	}
 
 	/* write output data type field */
 	ret = __rta_map_opcode(src, fifo_store_table,
@@ -263,11 +253,6 @@ rta_fifo_store(struct program *program, uint32_t src,
 	if (encrypt_flags & TK)
 		opcode |= (0x1 << FIFOST_TYPE_SHIFT);
 	if (encrypt_flags & EKT) {
-		if (rta_sec_era == RTA_SEC_ERA_1) {
-			pr_err("FIFO STORE: AES-CCM source types not supported\n");
-			ret = -EINVAL;
-			goto err;
-		}
 		opcode |= (0x10 << FIFOST_TYPE_SHIFT);
 		opcode &= (uint32_t)~(0x20 << FIFOST_TYPE_SHIFT);
 	}
diff --git a/drivers/common/dpaax/caamflib/rta/header_cmd.h b/drivers/common/dpaax/caamflib/rta/header_cmd.h
index 45aefa04c1..779f84ebcb 100644
--- a/drivers/common/dpaax/caamflib/rta/header_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/header_cmd.h
@@ -155,12 +155,6 @@ rta_job_header(struct program *program,
 		goto err;
 	}
 
-	if ((rta_sec_era < RTA_SEC_ERA_7) && (flags & MTD) && !(flags & TD)) {
-		pr_err("JOB_DESC: Trying to MTD a descriptor that is not a TD. SEC Program Line: %d\n",
-		       program->current_pc);
-		goto err;
-	}
-
 	if ((flags & EXT) && !(flags & SHR) && (start_idx < 2)) {
 		pr_err("JOB_DESC: Start index must be >= 2 in case of no SHR and EXT. SEC Program Line: %d\n",
 		       program->current_pc);
@@ -183,15 +177,8 @@ rta_job_header(struct program *program,
 			hdr_ext |= ext_flags & DSEL_MASK;
 		}
 
-		if (ext_flags & FTD) {
-			if (rta_sec_era <= RTA_SEC_ERA_5) {
-				pr_err("JOB_DESC: Fake trusted descriptor not supported by SEC Era %d\n",
-				       USER_SEC_ERA(rta_sec_era));
-				goto err;
-			}
-
+		if (ext_flags & FTD)
 			hdr_ext |= HDR_EXT_FTD;
-		}
 	}
 	if (flags & RSMS)
 		opcode |= HDR_RSLS;
diff --git a/drivers/common/dpaax/caamflib/rta/jump_cmd.h b/drivers/common/dpaax/caamflib/rta/jump_cmd.h
index 18f781e373..0ce5a3e7c6 100644
--- a/drivers/common/dpaax/caamflib/rta/jump_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/jump_cmd.h
@@ -7,8 +7,6 @@
 #ifndef __RTA_JUMP_CMD_H__
 #define __RTA_JUMP_CMD_H__
 
-extern enum rta_sec_era rta_sec_era;
-
 static const uint32_t jump_test_cond[][2] = {
 	{ NIFP,     JUMP_COND_NIFP },
 	{ NIP,      JUMP_COND_NIP },
@@ -59,20 +57,6 @@ rta_jump(struct program *program, uint64_t address,
 	unsigned int start_pc = program->current_pc;
 	int ret = -EINVAL;
 
-	if (((jump_type == GOSUB) || (jump_type == RETURN)) &&
-	    (rta_sec_era < RTA_SEC_ERA_4)) {
-		pr_err("JUMP: Jump type not supported by SEC Era %d\n",
-		       USER_SEC_ERA(rta_sec_era));
-		goto err;
-	}
-
-	if (((jump_type == LOCAL_JUMP_INC) || (jump_type == LOCAL_JUMP_DEC)) &&
-	    (rta_sec_era <= RTA_SEC_ERA_5)) {
-		pr_err("JUMP_INCDEC: Jump type not supported by SEC Era %d\n",
-		       USER_SEC_ERA(rta_sec_era));
-		goto err;
-	}
-
 	switch (jump_type) {
 	case (LOCAL_JUMP):
 		/*
diff --git a/drivers/common/dpaax/caamflib/rta/key_cmd.h b/drivers/common/dpaax/caamflib/rta/key_cmd.h
index ec3fbcaf61..714918e18b 100644
--- a/drivers/common/dpaax/caamflib/rta/key_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/key_cmd.h
@@ -54,12 +54,6 @@ rta_key(struct program *program, uint32_t key_dst,
 			       program->current_instruction);
 			goto err;
 		}
-		if ((rta_sec_era <= RTA_SEC_ERA_5) &&
-		    ((flags & VLF) || (flags & AIDF))) {
-			pr_err("SEQKEY: Flag(s) not supported by SEC Era %d\n",
-			       USER_SEC_ERA(rta_sec_era));
-			goto err;
-		}
 	} else {
 		if ((flags & AIDF) || (flags & VLF)) {
 			pr_err("KEY: Invalid flag. SEC PC: %d; Instr: %d\n",
@@ -84,12 +78,6 @@ rta_key(struct program *program, uint32_t key_dst,
 	}
 
 	if (key_dst == AFHA_SBOX) {
-		if (rta_sec_era == RTA_SEC_ERA_7) {
-			pr_err("KEY: AFHA S-box not supported by SEC Era %d\n",
-			       USER_SEC_ERA(rta_sec_era));
-			goto err;
-		}
-
 		if (flags & IMMED) {
 			pr_err("KEY: Invalid flag. SEC PC: %d; Instr: %d\n",
 			       program->current_pc,
diff --git a/drivers/common/dpaax/caamflib/rta/math_cmd.h b/drivers/common/dpaax/caamflib/rta/math_cmd.h
index cca70f7e04..532c70c518 100644
--- a/drivers/common/dpaax/caamflib/rta/math_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/math_cmd.h
@@ -85,22 +85,7 @@ rta_math(struct program *program, uint64_t operand1,
 	int ret = -EINVAL;
 	unsigned int start_pc = program->current_pc;
 
-	if (((op == MATH_FUN_BSWAP) && (rta_sec_era < RTA_SEC_ERA_4)) ||
-	    ((op == MATH_FUN_ZBYT) && (rta_sec_era < RTA_SEC_ERA_2))) {
-		pr_err("MATH: operation not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-		       USER_SEC_ERA(rta_sec_era), program->current_pc,
-		       program->current_instruction);
-		goto err;
-	}
-
 	if (options & SWP) {
-		if (rta_sec_era < RTA_SEC_ERA_7) {
-			pr_err("MATH: operation not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-			       USER_SEC_ERA(rta_sec_era), program->current_pc,
-			       program->current_instruction);
-			goto err;
-		}
-
 		if ((options & IFB) ||
 		    (!(options & IMMED) && !(options & IMMED2)) ||
 		    ((options & IMMED) && (options & IMMED2))) {
@@ -258,26 +243,12 @@ rta_mathi(struct program *program, uint64_t operand,
 	int ret = -EINVAL;
 	unsigned int start_pc = program->current_pc;
 
-	if (rta_sec_era < RTA_SEC_ERA_6) {
-		pr_err("MATHI: Command not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-		       USER_SEC_ERA(rta_sec_era), program->current_pc,
-		       program->current_instruction);
-		goto err;
-	}
-
 	if (((op == MATH_FUN_FBYT) && (options & SSEL))) {
 		pr_err("MATHI: Illegal combination - FBYT and SSEL. SEC PC: %d; Instr: %d\n",
 		       program->current_pc, program->current_instruction);
 		goto err;
 	}
 
-	if ((options & SWP) && (rta_sec_era < RTA_SEC_ERA_7)) {
-		pr_err("MATHI: SWP not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-		       USER_SEC_ERA(rta_sec_era), program->current_pc,
-		       program->current_instruction);
-		goto err;
-	}
-
 	/* Write first operand field */
 	if (!(options & SSEL))
 		ret = __rta_map_opcode((uint32_t)operand, math_op1,
diff --git a/drivers/common/dpaax/caamflib/rta/move_cmd.h b/drivers/common/dpaax/caamflib/rta/move_cmd.h
index d2151c6dd7..ac1280c23a 100644
--- a/drivers/common/dpaax/caamflib/rta/move_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/move_cmd.h
@@ -95,26 +95,12 @@ rta_move(struct program *program, int cmd_type, uint64_t src,
 	bool is_move_len_cmd = false;
 	unsigned int start_pc = program->current_pc;
 
-	if ((rta_sec_era < RTA_SEC_ERA_7) && (cmd_type != __MOVE)) {
-		pr_err("MOVE: MOVEB / MOVEDW not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-		       USER_SEC_ERA(rta_sec_era), program->current_pc,
-		       program->current_instruction);
-		goto err;
-	}
-
 	/* write command type */
 	if (cmd_type == __MOVEB) {
 		opcode = CMD_MOVEB;
 	} else if (cmd_type == __MOVEDW) {
 		opcode = CMD_MOVEDW;
 	} else if (!(flags & IMMED)) {
-		if (rta_sec_era < RTA_SEC_ERA_3) {
-			pr_err("MOVE: MOVE_LEN not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-			       USER_SEC_ERA(rta_sec_era), program->current_pc,
-			       program->current_instruction);
-			goto err;
-		}
-
 		if ((length != MATH0) && (length != MATH1) &&
 		    (length != MATH2) && (length != MATH3)) {
 			pr_err("MOVE: MOVE_LEN length must be MATH[0-3]. SEC PC: %d; Instr: %d\n",
@@ -153,24 +139,15 @@ rta_move(struct program *program, int cmd_type, uint64_t src,
 		else
 			offset = dst_offset;
 
-		if (rta_sec_era < RTA_SEC_ERA_6) {
-			if (offset)
-				pr_debug("MOVE: Offset not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-					 USER_SEC_ERA(rta_sec_era),
-					 program->current_pc,
-					 program->current_instruction);
-			/* nothing to do for offset = 0 */
-		} else {
-			ret = math_offset(offset);
-			if (ret < 0) {
-				pr_err("MOVE: Invalid offset in MATH register. SEC PC: %d; Instr: %d\n",
-				       program->current_pc,
-				       program->current_instruction);
-				goto err;
-			}
-
-			opcode |= (uint32_t)ret;
+		ret = math_offset(offset);
+		if (ret < 0) {
+			pr_err("MOVE: Invalid offset in MATH register. SEC PC: %d; Instr: %d\n",
+			       program->current_pc,
+			       program->current_instruction);
+			goto err;
 		}
+
+		opcode |= (uint32_t)ret;
 	}
 
 	/* write source field */
diff --git a/drivers/common/dpaax/caamflib/rta/nfifo_cmd.h b/drivers/common/dpaax/caamflib/rta/nfifo_cmd.h
index 85092d9612..8131acd9e4 100644
--- a/drivers/common/dpaax/caamflib/rta/nfifo_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/nfifo_cmd.h
@@ -102,12 +102,6 @@ rta_nfifo_load(struct program *program, uint32_t src,
 			    LDST_SRCDST_WORD_INFO_FIFO;
 	unsigned int start_pc = program->current_pc;
 
-	if ((data == AFHA_SBOX) && (rta_sec_era == RTA_SEC_ERA_7)) {
-		pr_err("NFIFO: AFHA S-box not supported by SEC Era %d\n",
-		       USER_SEC_ERA(rta_sec_era));
-		goto err;
-	}
-
 	/* write source field */
 	ret = __rta_map_opcode(src, nfifo_src, nfifo_src_sz[rta_sec_era], &val);
 	if (ret < 0) {
diff --git a/drivers/common/dpaax/caamflib/rta/operation_cmd.h b/drivers/common/dpaax/caamflib/rta/operation_cmd.h
index 3d339cb0a0..fe1ac37ee8 100644
--- a/drivers/common/dpaax/caamflib/rta/operation_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/operation_cmd.h
@@ -19,8 +19,6 @@ __rta_alg_aai_aes(uint16_t aai)
 	uint16_t aes_mode = aai & OP_ALG_AESA_MODE_MASK;
 
 	if (aai & OP_ALG_AAI_C2K) {
-		if (rta_sec_era < RTA_SEC_ERA_5)
-			return -1;
 		if ((aes_mode != OP_ALG_AAI_CCM) &&
 		    (aes_mode != OP_ALG_AAI_GCM))
 			return -EINVAL;
@@ -30,9 +28,6 @@ __rta_alg_aai_aes(uint16_t aai)
 	case OP_ALG_AAI_CBC_CMAC:
 	case OP_ALG_AAI_CTR_CMAC_LTE:
 	case OP_ALG_AAI_CTR_CMAC:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_ALG_AAI_CTR:
 	case OP_ALG_AAI_CBC:
 	case OP_ALG_AAI_ECB:
@@ -72,9 +67,6 @@ __rta_alg_aai_md5(uint16_t aai)
 {
 	switch (aai) {
 	case OP_ALG_AAI_HMAC:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_ALG_AAI_SMAC:
 	case OP_ALG_AAI_HASH:
 	case OP_ALG_AAI_HMAC_PRECOMP:
@@ -89,9 +81,6 @@ __rta_alg_aai_sha(uint16_t aai)
 {
 	switch (aai) {
 	case OP_ALG_AAI_HMAC:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_ALG_AAI_HASH:
 	case OP_ALG_AAI_HMAC_PRECOMP:
 		return 0;
@@ -115,15 +104,6 @@ __rta_alg_aai_rng(uint16_t aai)
 		return -EINVAL;
 	}
 
-	/* State Handle bits are valid only for SEC Era >= 5 */
-	if ((rta_sec_era < RTA_SEC_ERA_5) && rng_sh)
-		return -EINVAL;
-
-	/* PS, AI, SK bits are also valid only for SEC Era >= 5 */
-	if ((rta_sec_era < RTA_SEC_ERA_5) && (aai &
-	     (OP_ALG_AAI_RNG4_PS | OP_ALG_AAI_RNG4_AI | OP_ALG_AAI_RNG4_SK)))
-		return -EINVAL;
-
 	switch (rng_sh) {
 	case OP_ALG_AAI_RNG4_SH_0:
 	case OP_ALG_AAI_RNG4_SH_1:
diff --git a/drivers/common/dpaax/caamflib/rta/protocol_cmd.h b/drivers/common/dpaax/caamflib/rta/protocol_cmd.h
index e9f20703f2..ac5c8af716 100644
--- a/drivers/common/dpaax/caamflib/rta/protocol_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/protocol_cmd.h
@@ -32,9 +32,6 @@ __rta_ssl_proto(uint16_t protoinfo)
 	case OP_PCL_TLS_ECDHE_RSA_WITH_RC4_128_SHA:
 	case OP_PCL_TLS_ECDH_anon_WITH_RC4_128_SHA:
 	case OP_PCL_TLS_ECDHE_PSK_WITH_RC4_128_SHA:
-		if (rta_sec_era == RTA_SEC_ERA_7)
-			return -EINVAL;
-		/* fall through if not Era 7 */
 	case OP_PCL_TLS_RSA_EXPORT_WITH_DES40_CBC_SHA:
 	case OP_PCL_TLS_RSA_WITH_DES_CBC_SHA:
 	case OP_PCL_TLS_RSA_WITH_3DES_EDE_CBC_SHA:
@@ -215,9 +212,6 @@ __rta_ipsec_proto(uint16_t protoinfo)
 
 	switch (proto_cls1) {
 	case OP_PCL_IPSEC_AES_NULL_WITH_GMAC:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_PCL_IPSEC_AES_CCM8:
 	case OP_PCL_IPSEC_AES_CCM12:
 	case OP_PCL_IPSEC_AES_CCM16:
@@ -229,9 +223,6 @@ __rta_ipsec_proto(uint16_t protoinfo)
 			return 0;
 		return -EINVAL;
 	case OP_PCL_IPSEC_NULL:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_PCL_IPSEC_DES_IV64:
 	case OP_PCL_IPSEC_DES:
 	case OP_PCL_IPSEC_3DES:
@@ -351,9 +342,6 @@ __rta_blob_proto(uint16_t protoinfo)
 
 	switch (protoinfo & OP_PCL_BLOB_REG_MASK) {
 	case OP_PCL_BLOB_AFHA_SBOX:
-		if (rta_sec_era < RTA_SEC_ERA_3)
-			return -EINVAL;
-		/* no break */
 	case OP_PCL_BLOB_REG_MEMORY:
 	case OP_PCL_BLOB_REG_KEY1:
 	case OP_PCL_BLOB_REG_KEY2:
@@ -368,12 +356,6 @@ __rta_blob_proto(uint16_t protoinfo)
 static inline int
 __rta_dlc_proto(uint16_t protoinfo)
 {
-	if ((rta_sec_era < RTA_SEC_ERA_2) &&
-	    (protoinfo & (OP_PCL_PKPROT_DSA_MSG | OP_PCL_PKPROT_HASH_MASK |
-	     OP_PCL_PKPROT_EKT_Z | OP_PCL_PKPROT_DECRYPT_Z |
-	     OP_PCL_PKPROT_DECRYPT_PRI)))
-		return -EINVAL;
-
 	switch (protoinfo & OP_PCL_PKPROT_HASH_MASK) {
 	case OP_PCL_PKPROT_HASH_MD5:
 	case OP_PCL_PKPROT_HASH_SHA1:
@@ -482,9 +464,6 @@ __rta_dkp_proto(uint16_t protoinfo)
 static inline int
 __rta_3g_dcrc_proto(uint16_t protoinfo)
 {
-	if (rta_sec_era == RTA_SEC_ERA_7)
-		return -EINVAL;
-
 	switch (protoinfo) {
 	case OP_PCL_3G_DCRC_CRC7:
 	case OP_PCL_3G_DCRC_CRC11:
@@ -497,9 +476,6 @@ __rta_3g_dcrc_proto(uint16_t protoinfo)
 static inline int
 __rta_3g_rlc_proto(uint16_t protoinfo)
 {
-	if (rta_sec_era == RTA_SEC_ERA_7)
-		return -EINVAL;
-
 	switch (protoinfo) {
 	case OP_PCL_3G_RLC_NULL:
 	case OP_PCL_3G_RLC_KASUMI:
@@ -513,13 +489,8 @@ __rta_3g_rlc_proto(uint16_t protoinfo)
 static inline int
 __rta_lte_pdcp_proto(uint16_t protoinfo)
 {
-	if (rta_sec_era == RTA_SEC_ERA_7)
-		return -EINVAL;
-
 	switch (protoinfo) {
 	case OP_PCL_LTE_ZUC:
-		if (rta_sec_era < RTA_SEC_ERA_5)
-			break;
 	case OP_PCL_LTE_NULL:
 	case OP_PCL_LTE_SNOW:
 	case OP_PCL_LTE_AES:
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 08/14] crypto/dpaa_sec : fix secondary process probe
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (5 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 07/14] dpaax/caamflib: remove obsolete code Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 09/14] crypto/dpaa2_sec: per queue pair fle pool Gagandeep Singh
                   ` (7 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Vanshika Shukla, stable

From: Vanshika Shukla <vanshika.shukla@nxp.com>

DPAA hardware supports non-i/o performing secondary
applications only. So we do not have to probe crypto
devices in secondary applications.

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org

Signed-off-by: Vanshika Shukla <vanshika.shukla@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 23a94d7e41..6f2b4baf57 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -3766,23 +3766,24 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 
 	int retval;
 
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+		return 0;
+
 	snprintf(cryptodev_name, sizeof(cryptodev_name), "%s", dpaa_dev->name);
 
 	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
 	if (cryptodev == NULL)
 		return -ENOMEM;
 
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
-		cryptodev->data->dev_private = rte_zmalloc_socket(
-					"cryptodev private structure",
-					sizeof(struct dpaa_sec_dev_private),
-					RTE_CACHE_LINE_SIZE,
-					rte_socket_id());
+	cryptodev->data->dev_private = rte_zmalloc_socket(
+				"cryptodev private structure",
+				sizeof(struct dpaa_sec_dev_private),
+				RTE_CACHE_LINE_SIZE,
+				rte_socket_id());
 
-		if (cryptodev->data->dev_private == NULL)
-			rte_panic("Cannot allocate memzone for private "
-					"device data");
-	}
+	if (cryptodev->data->dev_private == NULL)
+		rte_panic("Cannot allocate memzone for private "
+				"device data");
 
 	dpaa_dev->crypto_dev = cryptodev;
 	cryptodev->device = &dpaa_dev->device;
@@ -3824,8 +3825,7 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 	retval = -ENXIO;
 out:
 	/* In case of error, cleanup is done */
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
-		rte_free(cryptodev->data->dev_private);
+	rte_free(cryptodev->data->dev_private);
 
 	rte_cryptodev_pmd_release_device(cryptodev);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 09/14] crypto/dpaa2_sec: per queue pair fle pool
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (6 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 08/14] crypto/dpaa_sec : fix secondary process probe Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 10/14] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues Gagandeep Singh
                   ` (6 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Driver is creating a fle pool with a fixed number of
buffers for all queue pairs of a DPSECI object.
These fle buffers are equivalent to the number of descriptors.

In this patch, creating the fle pool for each queue pair
so that user can control the number of descriptors of a
queue pair using API rte_cryptodev_queue_pair_setup().

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/bus/fslmc/portal/dpaa2_hw_dpio.c    |   4 +-
 drivers/bus/fslmc/portal/dpaa2_hw_pvt.h     |   3 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 190 ++++++++++----------
 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h   |   5 +-
 drivers/net/dpaa2/dpaa2_ethdev.h            |   4 +-
 drivers/net/dpaa2/dpaa2_rxtx.c              |   3 +-
 6 files changed, 101 insertions(+), 108 deletions(-)

diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
index 943fadee48..22c51c1a82 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2019 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 #include <unistd.h>
@@ -614,7 +614,7 @@ dpaa2_free_eq_descriptors(void)
 
 		if (qbman_result_eqresp_rc(eqresp)) {
 			txq = eqresp_meta->dpaa2_q;
-			txq->cb_eqresp_free(dpio_dev->eqresp_ci);
+			txq->cb_eqresp_free(dpio_dev->eqresp_ci, txq);
 		}
 		qbman_result_eqresp_set_rspid(eqresp, 0);
 
diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_pvt.h b/drivers/bus/fslmc/portal/dpaa2_hw_pvt.h
index 36d68ea0aa..024fbf9935 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_pvt.h
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_pvt.h
@@ -147,7 +147,8 @@ typedef void (dpaa2_queue_cb_dqrr_t)(struct qbman_swp *swp,
 		struct dpaa2_queue *rxq,
 		struct rte_event *ev);
 
-typedef void (dpaa2_queue_cb_eqresp_free_t)(uint16_t eqresp_ci);
+typedef void (dpaa2_queue_cb_eqresp_free_t)(uint16_t eqresp_ci,
+					struct dpaa2_queue *dpaa2_q);
 
 struct dpaa2_queue {
 	struct rte_mempool *mb_pool; /**< mbuf pool to populate RX ring. */
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 2374d67978..86c8df241b 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -65,11 +65,10 @@ uint8_t cryptodev_driver_id;
 uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP;
 
 static inline void
-free_fle(const struct qbman_fd *fd)
+free_fle(const struct qbman_fd *fd, struct dpaa2_sec_qp *qp)
 {
 	struct qbman_fle *fle;
 	struct rte_crypto_op *op;
-	struct ctxt_priv *priv;
 
 #ifdef RTE_LIB_SECURITY
 	if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single)
@@ -78,10 +77,9 @@ free_fle(const struct qbman_fd *fd)
 	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
 	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
 	/* free the fle memory */
-	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) {
-		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
-		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
-	} else
+	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src)))
+		rte_mempool_put(qp->fle_pool, (void *)(fle-1));
+	else
 		rte_free((void *)(fle-1));
 }
 
@@ -206,7 +204,7 @@ build_proto_compound_sg_fd(dpaa2_sec_session *sess,
 static inline int
 build_proto_compound_fd(dpaa2_sec_session *sess,
 	       struct rte_crypto_op *op,
-	       struct qbman_fd *fd, uint16_t bpid)
+	       struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct ctxt_priv *priv = sess->ctxt;
@@ -223,9 +221,9 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
 	flc = &priv->flc_desc[0].flc;
 
 	/* we are using the first FLE entry to store Mbuf */
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_DP_ERR("Memory alloc failed");
+		DPAA2_SEC_DP_DEBUG("Proto: Memory alloc failed");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -282,11 +280,11 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
 static inline int
 build_proto_fd(dpaa2_sec_session *sess,
 	       struct rte_crypto_op *op,
-	       struct qbman_fd *fd, uint16_t bpid)
+	       struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	if (sym_op->m_dst)
-		return build_proto_compound_fd(sess, op, fd, bpid);
+		return build_proto_compound_fd(sess, op, fd, bpid, qp);
 
 	struct ctxt_priv *priv = sess->ctxt;
 	struct sec_flow_context *flc;
@@ -461,7 +459,8 @@ build_authenc_gcm_sg_fd(dpaa2_sec_session *sess,
 static inline int
 build_authenc_gcm_fd(dpaa2_sec_session *sess,
 		     struct rte_crypto_op *op,
-		     struct qbman_fd *fd, uint16_t bpid)
+		     struct qbman_fd *fd, uint16_t bpid,
+		     struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct ctxt_priv *priv = sess->ctxt;
@@ -485,9 +484,9 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
 	 * to get the MBUF Addr from the previous FLE.
 	 * We can have a better approach to use the inline Mbuf
 	 */
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_ERR("GCM: Memory alloc failed for SGE");
+		DPAA2_SEC_DP_DEBUG("GCM: no buffer available in fle pool");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -748,7 +747,7 @@ build_authenc_sg_fd(dpaa2_sec_session *sess,
 static inline int
 build_authenc_fd(dpaa2_sec_session *sess,
 		 struct rte_crypto_op *op,
-		 struct qbman_fd *fd, uint16_t bpid)
+		 struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct ctxt_priv *priv = sess->ctxt;
@@ -777,9 +776,9 @@ build_authenc_fd(dpaa2_sec_session *sess,
 	 * to get the MBUF Addr from the previous FLE.
 	 * We can have a better approach to use the inline Mbuf
 	 */
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_ERR("Memory alloc failed for SGE");
+		DPAA2_SEC_DP_DEBUG("AUTHENC: no buffer available in fle pool");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -1010,7 +1009,7 @@ static inline int build_auth_sg_fd(
 
 static inline int
 build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
-	      struct qbman_fd *fd, uint16_t bpid)
+	      struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct qbman_fle *fle, *sge;
@@ -1034,9 +1033,9 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 		data_offset = data_offset >> 3;
 	}
 
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_ERR("AUTH Memory alloc failed for SGE");
+		DPAA2_SEC_DP_DEBUG("AUTH: no buffer available in fle pool");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -1257,7 +1256,7 @@ build_cipher_sg_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 
 static int
 build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
-		struct qbman_fd *fd, uint16_t bpid)
+		struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct qbman_fle *fle, *sge;
@@ -1287,9 +1286,9 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 	else
 		dst = sym_op->m_src;
 
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_ERR("CIPHER: Memory alloc failed for SGE");
+		DPAA2_SEC_DP_DEBUG("CIPHER: no buffer available in fle pool");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -1374,7 +1373,7 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 
 static inline int
 build_sec_fd(struct rte_crypto_op *op,
-	     struct qbman_fd *fd, uint16_t bpid)
+	     struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	int ret = -1;
 	dpaa2_sec_session *sess;
@@ -1387,11 +1386,15 @@ build_sec_fd(struct rte_crypto_op *op,
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
 				op->sym->sec_session);
 #endif
-	else
+	else {
+		DPAA2_SEC_DP_ERR("Session type invalid\n");
 		return -ENOTSUP;
+	}
 
-	if (!sess)
+	if (!sess) {
+		DPAA2_SEC_DP_ERR("Session not available\n");
 		return -EINVAL;
+	}
 
 	/* Any of the buffer is segmented*/
 	if (!rte_pktmbuf_is_contiguous(op->sym->m_src) ||
@@ -1423,23 +1426,23 @@ build_sec_fd(struct rte_crypto_op *op,
 	} else {
 		switch (sess->ctxt_type) {
 		case DPAA2_SEC_CIPHER:
-			ret = build_cipher_fd(sess, op, fd, bpid);
+			ret = build_cipher_fd(sess, op, fd, bpid, qp);
 			break;
 		case DPAA2_SEC_AUTH:
-			ret = build_auth_fd(sess, op, fd, bpid);
+			ret = build_auth_fd(sess, op, fd, bpid, qp);
 			break;
 		case DPAA2_SEC_AEAD:
-			ret = build_authenc_gcm_fd(sess, op, fd, bpid);
+			ret = build_authenc_gcm_fd(sess, op, fd, bpid, qp);
 			break;
 		case DPAA2_SEC_CIPHER_HASH:
-			ret = build_authenc_fd(sess, op, fd, bpid);
+			ret = build_authenc_fd(sess, op, fd, bpid, qp);
 			break;
 #ifdef RTE_LIB_SECURITY
 		case DPAA2_SEC_IPSEC:
-			ret = build_proto_fd(sess, op, fd, bpid);
+			ret = build_proto_fd(sess, op, fd, bpid, qp);
 			break;
 		case DPAA2_SEC_PDCP:
-			ret = build_proto_compound_fd(sess, op, fd, bpid);
+			ret = build_proto_compound_fd(sess, op, fd, bpid, qp);
 			break;
 #endif
 		case DPAA2_SEC_HASH_CIPHER:
@@ -1513,10 +1516,9 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 			memset(&fd_arr[loop], 0, sizeof(struct qbman_fd));
 			mb_pool = (*ops)->sym->m_src->pool;
 			bpid = mempool_to_bpid(mb_pool);
-			ret = build_sec_fd(*ops, &fd_arr[loop], bpid);
+			ret = build_sec_fd(*ops, &fd_arr[loop], bpid, dpaa2_qp);
 			if (ret) {
-				DPAA2_SEC_ERR("error: Improper packet contents"
-					      " for crypto operation");
+				DPAA2_SEC_DP_DEBUG("FD build failed\n");
 				goto skip_tx;
 			}
 			ops++;
@@ -1537,7 +1539,8 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
 					/* freeing the fle buffers */
 					while (loop < frames_to_send) {
-						free_fle(&fd_arr[loop]);
+						free_fle(&fd_arr[loop],
+								dpaa2_qp);
 						loop++;
 					}
 					goto skip_tx;
@@ -1593,11 +1596,10 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 #endif
 
 static inline struct rte_crypto_op *
-sec_fd_to_mbuf(const struct qbman_fd *fd)
+sec_fd_to_mbuf(const struct qbman_fd *fd, struct dpaa2_sec_qp *qp)
 {
 	struct qbman_fle *fle;
 	struct rte_crypto_op *op;
-	struct ctxt_priv *priv;
 	struct rte_mbuf *dst, *src;
 
 #ifdef RTE_LIB_SECURITY
@@ -1651,8 +1653,7 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 
 	/* free the fle memory */
 	if (likely(rte_pktmbuf_is_contiguous(src))) {
-		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
-		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
+		rte_mempool_put(qp->fle_pool, (void *)(fle-1));
 	} else
 		rte_free((void *)(fle-1));
 
@@ -1737,14 +1738,17 @@ dpaa2_sec_dump(struct rte_crypto_op *op)
 }
 
 static void
-dpaa2_sec_free_eqresp_buf(uint16_t eqresp_ci)
+dpaa2_sec_free_eqresp_buf(uint16_t eqresp_ci,
+			  struct dpaa2_queue *dpaa2_q)
 {
 	struct dpaa2_dpio_dev *dpio_dev = DPAA2_PER_LCORE_DPIO;
 	struct rte_crypto_op *op;
 	struct qbman_fd *fd;
+	struct dpaa2_sec_qp *dpaa2_qp;
 
+	dpaa2_qp = container_of(dpaa2_q, struct dpaa2_sec_qp, tx_vq);
 	fd = qbman_result_eqresp_fd(&dpio_dev->eqresp[eqresp_ci]);
-	op = sec_fd_to_mbuf(fd);
+	op = sec_fd_to_mbuf(fd, dpaa2_qp);
 	/* Instead of freeing, enqueue it to the sec tx queue (sec->core)
 	 * after setting an error in FD. But this will have performance impact.
 	 */
@@ -1860,10 +1864,9 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 			memset(&fd_arr[loop], 0, sizeof(struct qbman_fd));
 			mb_pool = (*ops)->sym->m_src->pool;
 			bpid = mempool_to_bpid(mb_pool);
-			ret = build_sec_fd(*ops, &fd_arr[loop], bpid);
+			ret = build_sec_fd(*ops, &fd_arr[loop], bpid, dpaa2_qp);
 			if (ret) {
-				DPAA2_SEC_ERR("error: Improper packet contents"
-					      " for crypto operation");
+				DPAA2_SEC_DP_DEBUG("FD build failed\n");
 				goto skip_tx;
 			}
 			ops++;
@@ -1883,7 +1886,8 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
 					/* freeing the fle buffers */
 					while (loop < frames_to_send) {
-						free_fle(&fd_arr[loop]);
+						free_fle(&fd_arr[loop],
+								dpaa2_qp);
 						loop++;
 					}
 					goto skip_tx;
@@ -1981,7 +1985,7 @@ dpaa2_sec_dequeue_burst(void *qp, struct rte_crypto_op **ops,
 		}
 
 		fd = qbman_result_DQ_fd(dq_storage);
-		ops[num_rx] = sec_fd_to_mbuf(fd);
+		ops[num_rx] = sec_fd_to_mbuf(fd, dpaa2_qp);
 
 		if (unlikely(fd->simple.frc)) {
 			/* TODO Parse SEC errors */
@@ -2023,6 +2027,7 @@ dpaa2_sec_queue_pair_release(struct rte_cryptodev *dev, uint16_t queue_pair_id)
 		dpaa2_free_dq_storage(qp->rx_vq.q_storage);
 		rte_free(qp->rx_vq.q_storage);
 	}
+	rte_mempool_free(qp->fle_pool);
 	rte_free(qp);
 
 	dev->data->queue_pairs[queue_pair_id] = NULL;
@@ -2033,7 +2038,7 @@ dpaa2_sec_queue_pair_release(struct rte_cryptodev *dev, uint16_t queue_pair_id)
 /** Setup a queue pair */
 static int
 dpaa2_sec_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
-		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
+		const struct rte_cryptodev_qp_conf *qp_conf,
 		__rte_unused int socket_id)
 {
 	struct dpaa2_sec_dev_private *priv = dev->data->dev_private;
@@ -2041,6 +2046,7 @@ dpaa2_sec_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	struct fsl_mc_io *dpseci = (struct fsl_mc_io *)priv->hw;
 	struct dpseci_rx_queue_cfg cfg;
 	int32_t retcode;
+	char str[30];
 
 	PMD_INIT_FUNC_TRACE();
 
@@ -2080,6 +2086,19 @@ dpaa2_sec_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 
 	dev->data->queue_pairs[qp_id] = qp;
 
+	snprintf(str, sizeof(str), "sec_fle_pool_p%d_%d_%d",
+			getpid(), dev->data->dev_id, qp_id);
+	qp->fle_pool = rte_mempool_create((const char *)str,
+			qp_conf->nb_descriptors,
+			FLE_POOL_BUF_SIZE,
+			FLE_POOL_CACHE_SIZE, 0,
+			NULL, NULL, NULL, NULL,
+			SOCKET_ID_ANY, MEMPOOL_F_SP_PUT | MEMPOOL_F_SC_GET);
+	if (!qp->fle_pool) {
+		DPAA2_SEC_ERR("Mempool (%s) creation failed", str);
+		return -ENOMEM;
+	}
+
 	cfg.options = cfg.options | DPSECI_QUEUE_OPT_USER_CTX;
 	cfg.user_ctx = (size_t)(&qp->rx_vq);
 	retcode = dpseci_set_rx_queue(dpseci, CMD_PRI_LOW, priv->token,
@@ -2097,11 +2116,9 @@ dpaa2_sec_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 }
 
 static int
-dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
-		      struct rte_crypto_sym_xform *xform,
+dpaa2_sec_cipher_init(struct rte_crypto_sym_xform *xform,
 		      dpaa2_sec_session *session)
 {
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo cipherdata;
 	int bufsize, ret = 0;
 	struct ctxt_priv *priv;
@@ -2118,8 +2135,6 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
-
 	flc = &priv->flc_desc[0].flc;
 
 	session->ctxt_type = DPAA2_SEC_CIPHER;
@@ -2238,11 +2253,9 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 }
 
 static int
-dpaa2_sec_auth_init(struct rte_cryptodev *dev,
-		    struct rte_crypto_sym_xform *xform,
+dpaa2_sec_auth_init(struct rte_crypto_sym_xform *xform,
 		    dpaa2_sec_session *session)
 {
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo authdata;
 	int bufsize, ret = 0;
 	struct ctxt_priv *priv;
@@ -2260,7 +2273,6 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[DESC_INITFINAL].flc;
 
 	session->ctxt_type = DPAA2_SEC_AUTH;
@@ -2476,12 +2488,10 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev,
 }
 
 static int
-dpaa2_sec_aead_init(struct rte_cryptodev *dev,
-		    struct rte_crypto_sym_xform *xform,
+dpaa2_sec_aead_init(struct rte_crypto_sym_xform *xform,
 		    dpaa2_sec_session *session)
 {
 	struct dpaa2_sec_aead_ctxt *ctxt = &session->ext_params.aead_ctxt;
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo aeaddata;
 	int bufsize;
 	struct ctxt_priv *priv;
@@ -2505,7 +2515,6 @@ dpaa2_sec_aead_init(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[0].flc;
 
 	session->aead_key.data = rte_zmalloc(NULL, aead_xform->key.length,
@@ -2601,11 +2610,9 @@ dpaa2_sec_aead_init(struct rte_cryptodev *dev,
 
 
 static int
-dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev,
-		    struct rte_crypto_sym_xform *xform,
+dpaa2_sec_aead_chain_init(struct rte_crypto_sym_xform *xform,
 		    dpaa2_sec_session *session)
 {
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo authdata, cipherdata;
 	int bufsize;
 	struct ctxt_priv *priv;
@@ -2643,7 +2650,6 @@ dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[0].flc;
 
 	session->cipher_key.data = rte_zmalloc(NULL, cipher_xform->key.length,
@@ -2849,8 +2855,7 @@ dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev,
 }
 
 static int
-dpaa2_sec_set_session_parameters(struct rte_cryptodev *dev,
-			    struct rte_crypto_sym_xform *xform,	void *sess)
+dpaa2_sec_set_session_parameters(struct rte_crypto_sym_xform *xform, void *sess)
 {
 	dpaa2_sec_session *session = sess;
 	int ret;
@@ -2868,37 +2873,37 @@ dpaa2_sec_set_session_parameters(struct rte_cryptodev *dev,
 
 	/* Cipher Only */
 	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
-		ret = dpaa2_sec_cipher_init(dev, xform, session);
+		ret = dpaa2_sec_cipher_init(xform, session);
 
 	/* Authentication Only */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
 		   xform->next == NULL) {
-		ret = dpaa2_sec_auth_init(dev, xform, session);
+		ret = dpaa2_sec_auth_init(xform, session);
 
 	/* Cipher then Authenticate */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
 		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
 		session->ext_params.aead_ctxt.auth_cipher_text = true;
 		if (xform->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
-			ret = dpaa2_sec_auth_init(dev, xform, session);
+			ret = dpaa2_sec_auth_init(xform, session);
 		else if (xform->next->auth.algo == RTE_CRYPTO_AUTH_NULL)
-			ret = dpaa2_sec_cipher_init(dev, xform, session);
+			ret = dpaa2_sec_cipher_init(xform, session);
 		else
-			ret = dpaa2_sec_aead_chain_init(dev, xform, session);
+			ret = dpaa2_sec_aead_chain_init(xform, session);
 	/* Authenticate then Cipher */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
 		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
 		session->ext_params.aead_ctxt.auth_cipher_text = false;
 		if (xform->auth.algo == RTE_CRYPTO_AUTH_NULL)
-			ret = dpaa2_sec_cipher_init(dev, xform, session);
+			ret = dpaa2_sec_cipher_init(xform, session);
 		else if (xform->next->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
-			ret = dpaa2_sec_auth_init(dev, xform, session);
+			ret = dpaa2_sec_auth_init(xform, session);
 		else
-			ret = dpaa2_sec_aead_chain_init(dev, xform, session);
+			ret = dpaa2_sec_aead_chain_init(xform, session);
 	/* AEAD operation for AES-GCM kind of Algorithms */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
 		   xform->next == NULL) {
-		ret = dpaa2_sec_aead_init(dev, xform, session);
+		ret = dpaa2_sec_aead_init(xform, session);
 
 	} else {
 		DPAA2_SEC_ERR("Invalid crypto type");
@@ -3147,7 +3152,6 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 	struct alginfo authdata, cipherdata;
 	int bufsize;
 	struct sec_flow_context *flc;
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	int ret = -1;
 
 	PMD_INIT_FUNC_TRACE();
@@ -3162,7 +3166,6 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[0].flc;
 
 	if (ipsec_xform->life.bytes_hard_limit != 0 ||
@@ -3395,7 +3398,6 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
 	struct ctxt_priv *priv;
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo authdata, cipherdata;
 	struct alginfo *p_authdata = NULL;
 	int bufsize = -1;
@@ -3420,7 +3422,6 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[0].flc;
 
 	/* find xfrm types */
@@ -3758,7 +3759,7 @@ dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	ret = dpaa2_sec_set_session_parameters(dev, xform, sess_private_data);
+	ret = dpaa2_sec_set_session_parameters(xform, sess_private_data);
 	if (ret != 0) {
 		DPAA2_SEC_ERR("Failed to configure session parameters");
 		/* Return session to mempool */
@@ -3989,6 +3990,7 @@ dpaa2_sec_process_parallel_event(struct qbman_swp *swp,
 				 struct dpaa2_queue *rxq,
 				 struct rte_event *ev)
 {
+	struct dpaa2_sec_qp *qp;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size));
@@ -3996,6 +3998,7 @@ dpaa2_sec_process_parallel_event(struct qbman_swp *swp,
 	/* Prefetching ipsec crypto_op stored in priv data of mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-64));
 
+	qp = container_of(rxq, struct dpaa2_sec_qp, rx_vq);
 	ev->flow_id = rxq->ev.flow_id;
 	ev->sub_event_type = rxq->ev.sub_event_type;
 	ev->event_type = RTE_EVENT_TYPE_CRYPTODEV;
@@ -4003,7 +4006,7 @@ dpaa2_sec_process_parallel_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd);
+	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
 
 	qbman_swp_dqrr_consume(swp, dq);
 }
@@ -4015,6 +4018,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 				 struct rte_event *ev)
 {
 	uint8_t dqrr_index;
+	struct dpaa2_sec_qp *qp;
 	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
@@ -4023,6 +4027,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	/* Prefetching ipsec crypto_op stored in priv data of mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-64));
 
+	qp = container_of(rxq, struct dpaa2_sec_qp, rx_vq);
 	ev->flow_id = rxq->ev.flow_id;
 	ev->sub_event_type = rxq->ev.sub_event_type;
 	ev->event_type = RTE_EVENT_TYPE_CRYPTODEV;
@@ -4031,7 +4036,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
 
-	ev->event_ptr = sec_fd_to_mbuf(fd);
+	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
 	dqrr_index = qbman_get_dqrr_idx(dq);
 	*dpaa2_seqn(crypto_op->sym->m_src) = QBMAN_ENQUEUE_FLAG_DCA | dqrr_index;
 	DPAA2_PER_LCORE_DQRR_SIZE++;
@@ -4047,6 +4052,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 				struct rte_event *ev)
 {
 	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct dpaa2_sec_qp *qp;
 
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
@@ -4055,6 +4061,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	/* Prefetching ipsec crypto_op stored in priv data of mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-64));
 
+	qp = container_of(rxq, struct dpaa2_sec_qp, rx_vq);
 	ev->flow_id = rxq->ev.flow_id;
 	ev->sub_event_type = rxq->ev.sub_event_type;
 	ev->event_type = RTE_EVENT_TYPE_CRYPTODEV;
@@ -4062,7 +4069,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd);
+	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
 
 	*dpaa2_seqn(crypto_op->sym->m_src) = DPAA2_ENQUEUE_FLAG_ORP;
 	*dpaa2_seqn(crypto_op->sym->m_src) |= qbman_result_DQ_odpid(dq) <<
@@ -4236,7 +4243,6 @@ dpaa2_sec_uninit(const struct rte_cryptodev *dev)
 	priv->hw = NULL;
 	rte_free(dpseci);
 	rte_free(dev->security_ctx);
-	rte_mempool_free(priv->fle_pool);
 
 	DPAA2_SEC_INFO("Closing DPAA2_SEC device %s on numa socket %u",
 		       dev->data->name, rte_socket_id());
@@ -4304,7 +4310,6 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
 	uint16_t token;
 	struct dpseci_attr attr;
 	int retcode, hw_id;
-	char str[30];
 
 	PMD_INIT_FUNC_TRACE();
 	dpaa2_dev = container_of(dev, struct rte_dpaa2_device, device);
@@ -4380,19 +4385,6 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
 	internals->token = token;
 	internals->en_loose_ordered = true;
 
-	snprintf(str, sizeof(str), "sec_fle_pool_p%d_%d",
-			getpid(), cryptodev->data->dev_id);
-	internals->fle_pool = rte_mempool_create((const char *)str,
-			FLE_POOL_NUM_BUFS,
-			FLE_POOL_BUF_SIZE,
-			FLE_POOL_CACHE_SIZE, 0,
-			NULL, NULL, NULL, NULL,
-			SOCKET_ID_ANY, 0);
-	if (!internals->fle_pool) {
-		DPAA2_SEC_ERR("Mempool (%s) creation failed", str);
-		goto init_error;
-	}
-
 	dpaa2_sec_get_devargs(cryptodev, DRIVER_DUMP_MODE);
 	dpaa2_sec_get_devargs(cryptodev, DRIVER_STRICT_ORDER);
 	DPAA2_SEC_INFO("driver %s: created", cryptodev->data->name);
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
index 3094778a7a..63f4c64aab 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016,2020-2021 NXP
+ *   Copyright 2016,2020-2022 NXP
  *
  */
 
@@ -31,7 +31,6 @@ extern uint8_t cryptodev_driver_id;
 struct dpaa2_sec_dev_private {
 	void *mc_portal; /**< MC Portal for configuring this device */
 	void *hw; /**< Hardware handle for this device.Used by NADK framework */
-	struct rte_mempool *fle_pool; /* per device memory pool for FLE */
 	int32_t hw_id; /**< An unique ID of this device instance */
 	int32_t vfio_fd; /**< File descriptor received via VFIO */
 	uint16_t token; /**< Token required by DPxxx objects */
@@ -44,6 +43,7 @@ struct dpaa2_sec_dev_private {
 struct dpaa2_sec_qp {
 	struct dpaa2_queue rx_vq;
 	struct dpaa2_queue tx_vq;
+	struct rte_mempool *fle_pool; /* per device memory pool for FLE */
 };
 
 enum shr_desc_type {
@@ -127,7 +127,6 @@ struct sec_flc_desc {
 };
 
 struct ctxt_priv {
-	struct rte_mempool *fle_pool; /* per device memory pool for FLE */
 	struct sec_flc_desc flc_desc[0];
 };
 
diff --git a/drivers/net/dpaa2/dpaa2_ethdev.h b/drivers/net/dpaa2/dpaa2_ethdev.h
index e79a7fc2e2..a459181139 100644
--- a/drivers/net/dpaa2/dpaa2_ethdev.h
+++ b/drivers/net/dpaa2/dpaa2_ethdev.h
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2015-2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2021 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 
@@ -264,7 +264,7 @@ __rte_internal
 uint16_t dpaa2_dev_tx_multi_txq_ordered(void **queue,
 		struct rte_mbuf **bufs, uint16_t nb_pkts);
 
-void dpaa2_dev_free_eqresp_buf(uint16_t eqresp_ci);
+void dpaa2_dev_free_eqresp_buf(uint16_t eqresp_ci, struct dpaa2_queue *dpaa2_q);
 void dpaa2_flow_clean(struct rte_eth_dev *dev);
 uint16_t dpaa2_dev_tx_conf(void *queue)  __rte_unused;
 int dpaa2_dev_is_dpaa2(struct rte_eth_dev *dev);
diff --git a/drivers/net/dpaa2/dpaa2_rxtx.c b/drivers/net/dpaa2/dpaa2_rxtx.c
index b8844fbdf1..39bfddd804 100644
--- a/drivers/net/dpaa2/dpaa2_rxtx.c
+++ b/drivers/net/dpaa2/dpaa2_rxtx.c
@@ -1408,7 +1408,8 @@ dpaa2_dev_tx(void *queue, struct rte_mbuf **bufs, uint16_t nb_pkts)
 }
 
 void
-dpaa2_dev_free_eqresp_buf(uint16_t eqresp_ci)
+dpaa2_dev_free_eqresp_buf(uint16_t eqresp_ci,
+			  __rte_unused struct dpaa2_queue *dpaa2_q)
 {
 	struct dpaa2_dpio_dev *dpio_dev = DPAA2_PER_LCORE_DPIO;
 	struct qbman_fd *fd;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 10/14] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (7 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 09/14] crypto/dpaa2_sec: per queue pair fle pool Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 11/14] crypto/dpaa2_sec: fix operation status for simple fd Gagandeep Singh
                   ` (5 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver is filling the crypto_op variable with an invalid value
which can results into segmentation fault.

This patch assigning the correct crypto_op and event buffer
pointers by extracting from FD.

Fixes: a77db24643b7 ("crypto/dpaa2_sec: support atomic queues")
Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 86c8df241b..9f2b384af9 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -4019,7 +4019,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 {
 	uint8_t dqrr_index;
 	struct dpaa2_sec_qp *qp;
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size));
@@ -4036,12 +4036,13 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
 
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 	dqrr_index = qbman_get_dqrr_idx(dq);
 	*dpaa2_seqn(crypto_op->sym->m_src) = QBMAN_ENQUEUE_FLAG_DCA | dqrr_index;
 	DPAA2_PER_LCORE_DQRR_SIZE++;
 	DPAA2_PER_LCORE_DQRR_HELD |= 1 << dqrr_index;
 	DPAA2_PER_LCORE_DQRR_MBUF(dqrr_index) = crypto_op->sym->m_src;
+	ev->event_ptr = crypto_op;
 }
 
 static void __rte_hot
@@ -4051,7 +4052,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 				struct dpaa2_queue *rxq,
 				struct rte_event *ev)
 {
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	struct dpaa2_sec_qp *qp;
 
 	/* Prefetching mbuf */
@@ -4069,7 +4070,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 
 	*dpaa2_seqn(crypto_op->sym->m_src) = DPAA2_ENQUEUE_FLAG_ORP;
 	*dpaa2_seqn(crypto_op->sym->m_src) |= qbman_result_DQ_odpid(dq) <<
@@ -4078,6 +4079,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 		DPAA2_EQCR_SEQNUM_SHIFT;
 
 	qbman_swp_dqrr_consume(swp, dq);
+	ev->event_ptr = crypto_op;
 }
 
 int
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 11/14] crypto/dpaa2_sec: fix operation status for simple fd
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (8 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 10/14] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 12/14] crypto/dpaa_sec: remove unused thread specific variables Gagandeep Singh
                   ` (4 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver is not filling the operation status on dequeue
in case the FD is simple.

So setting the status as per the results.

Fixes: 0a23d4b6f4c2 ("crypto/dpaa2_sec: support protocol offload IPsec")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 9f2b384af9..8444f1a795 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1591,6 +1591,14 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	else
 		mbuf->data_off += SEC_FLC_DHR_INBOUND;
 
+	if (unlikely(fd->simple.frc)) {
+		DPAA2_SEC_ERR("SEC returned Error - %x",
+				fd->simple.frc);
+		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	} else {
+		op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+	}
+
 	return op;
 }
 #endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 12/14] crypto/dpaa_sec: remove unused thread specific variables
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (9 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 11/14] crypto/dpaa2_sec: fix operation status for simple fd Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 13/14] crypto/dpaa_sec: move cdb prepration to session create Gagandeep Singh
                   ` (3 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Some thread specific variables are not being used in the driver,
So removing them.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/bus/dpaa/rte_dpaa_bus.h    | 8 +-------
 drivers/crypto/dpaa_sec/dpaa_sec.c | 4 ----
 2 files changed, 1 insertion(+), 11 deletions(-)

diff --git a/drivers/bus/dpaa/rte_dpaa_bus.h b/drivers/bus/dpaa/rte_dpaa_bus.h
index 54bb1436fd..1f04d9ebd3 100644
--- a/drivers/bus/dpaa/rte_dpaa_bus.h
+++ b/drivers/bus/dpaa/rte_dpaa_bus.h
@@ -1,6 +1,6 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
- *   Copyright 2017-2020 NXP
+ *   Copyright 2017-2022 NXP
  *
  */
 #ifndef __RTE_DPAA_BUS_H__
@@ -138,8 +138,6 @@ struct dpaa_portal {
 	uint32_t bman_idx; /**< BMAN Portal ID*/
 	uint32_t qman_idx; /**< QMAN Portal ID*/
 	struct dpaa_portal_dqrr dpaa_held_bufs;
-	struct rte_crypto_op **dpaa_sec_ops;
-	int dpaa_sec_op_nb;
 	uint64_t tid;/**< Parent Thread id for this portal */
 };
 
@@ -153,10 +151,6 @@ RTE_DECLARE_PER_LCORE(struct dpaa_portal *, dpaa_io);
 	RTE_PER_LCORE(dpaa_io)->dpaa_held_bufs.dqrr_held
 #define DPAA_PER_LCORE_DQRR_MBUF(i) \
 	RTE_PER_LCORE(dpaa_io)->dpaa_held_bufs.mbuf[i]
-#define DPAA_PER_LCORE_RTE_CRYPTO_OP \
-	RTE_PER_LCORE(dpaa_io)->dpaa_sec_ops
-#define DPAA_PER_LCORE_DPAA_SEC_OP_NB \
-	RTE_PER_LCORE(dpaa_io)->dpaa_sec_op_nb
 
 /* Various structures representing contiguous memory maps */
 struct dpaa_memseg {
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 6f2b4baf57..875df0bfc6 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -152,9 +152,6 @@ dqrr_out_fq_cb_rx(struct qman_portal *qm __always_unused,
 	struct dpaa_sec_job *job;
 	struct dpaa_sec_op_ctx *ctx;
 
-	if (DPAA_PER_LCORE_DPAA_SEC_OP_NB >= DPAA_SEC_BURST)
-		return qman_cb_dqrr_defer;
-
 	if (!(dqrr->stat & QM_DQRR_STAT_FD_VALID))
 		return qman_cb_dqrr_consume;
 
@@ -183,7 +180,6 @@ dqrr_out_fq_cb_rx(struct qman_portal *qm __always_unused,
 		}
 		mbuf->data_len = len;
 	}
-	DPAA_PER_LCORE_RTE_CRYPTO_OP[DPAA_PER_LCORE_DPAA_SEC_OP_NB++] = ctx->op;
 	dpaa_sec_op_ending(ctx);
 
 	return qman_cb_dqrr_consume;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 13/14] crypto/dpaa_sec: move cdb prepration to session create
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (10 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 12/14] crypto/dpaa_sec: remove unused thread specific variables Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:51 ` [PATCH 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
                   ` (2 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Driver is preparing the shared descriptor of session while
attaching the session to a queue pair.
It should be prepared on session create.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 875df0bfc6..05415dbf3b 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2548,11 +2548,6 @@ dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess)
 	int ret;
 
 	sess->qp[rte_lcore_id() % MAX_DPAA_CORES] = qp;
-	ret = dpaa_sec_prep_cdb(sess);
-	if (ret) {
-		DPAA_SEC_ERR("Unable to prepare sec cdb");
-		return ret;
-	}
 	if (unlikely(!DPAA_PER_LCORE_PORTAL)) {
 		ret = rte_dpaa_portal_init((void *)0);
 		if (ret) {
@@ -2706,6 +2701,11 @@ dpaa_sec_sym_session_configure(struct rte_cryptodev *dev,
 	set_sym_session_private_data(sess, dev->driver_id,
 			sess_private_data);
 
+	ret = dpaa_sec_prep_cdb(sess_private_data);
+	if (ret) {
+		DPAA_SEC_ERR("Unable to prepare sec cdb");
+		return ret;
+	}
 
 	return 0;
 }
@@ -3304,6 +3304,12 @@ dpaa_sec_security_session_create(void *dev,
 
 	set_sec_session_private_data(sess, sess_private_data);
 
+	ret = dpaa_sec_prep_cdb(sess_private_data);
+	if (ret) {
+		DPAA_SEC_ERR("Unable to prepare sec cdb");
+		return ret;
+	}
+
 	return ret;
 }
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH 14/14] common/dpaax: fix short MAC-I IV calculation for zuc
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (11 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 13/14] crypto/dpaa_sec: move cdb prepration to session create Gagandeep Singh
@ 2022-04-22  3:51 ` Gagandeep Singh
  2022-04-28  7:15 ` [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Akhil Goyal
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:51 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Fixing the IV caluclation for zuc based short MAC-I
as per the HW security engine guidelines.

Fixes: 73a24060cd70 ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/pdcp.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h
index 46153b9c29..289ee2a7d5 100644
--- a/drivers/common/dpaax/caamflib/desc/pdcp.h
+++ b/drivers/common/dpaax/caamflib/desc/pdcp.h
@@ -3066,7 +3066,7 @@ cnstr_shdsc_pdcp_short_mac(uint32_t *descbuf,
 
 	case PDCP_AUTH_TYPE_ZUC:
 		iv[0] = 0xFFFFFFFF;
-		iv[1] = swap ? swab32(0xFC000000) : 0xFC000000;
+		iv[1] = swab32(0xFC000000);
 		iv[2] = 0x00000000; /* unused */
 
 		KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* RE: [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (12 preceding siblings ...)
  2022-04-22  3:51 ` [PATCH 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
@ 2022-04-28  7:15 ` Akhil Goyal
  2022-04-28  9:23   ` Gagandeep Singh
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
  14 siblings, 1 reply; 33+ messages in thread
From: Akhil Goyal @ 2022-04-28  7:15 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: stable

> Driver allocates a fle buffer for each packet
> before enqueue and free the buffer on dequeue. But in case if
> there are enqueue failures, then code should free the fle buffers.
> 
> Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> ---

You should use check-git-log
$ ./devtools/check-git-log.sh -14
Wrong headline format:
        crypto/dpaa_sec : fix secondary process probe
Wrong headline prefix:
        dpaax/caamflib: remove obsolete code
        crypto/dpaa2_sec: per queue pair fle pool
        crypto/dpaa_sec: remove unused thread specific variables
Wrong headline case:
                        "crypto/dpaa_sec: fix length for chain fd in raw sec driver": fd --> FD
Wrong headline case:
                        "crypto/dpaa2_sec: fix length for chain fd in raw sec driver": fd --> FD
Wrong headline case:
                        "crypto/dpaa2_sec: fix operation status for simple fd": fd --> FD
Headline too long:
        crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues
Wrong 'Fixes' reference:
        Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")

Invalid patch(es) found - checked 14 patches

^ permalink raw reply	[flat|nested] 33+ messages in thread

* RE: [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
  2022-04-28  7:15 ` [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Akhil Goyal
@ 2022-04-28  9:23   ` Gagandeep Singh
  2022-04-28  9:29     ` Akhil Goyal
  0 siblings, 1 reply; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28  9:23 UTC (permalink / raw)
  To: Akhil Goyal, dev; +Cc: stable

Hi,

> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Thursday, April 28, 2022 12:46 PM
> To: Gagandeep Singh <G.Singh@nxp.com>; dev@dpdk.org
> Cc: stable@dpdk.org
> Subject: RE: [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
> 
> > Driver allocates a fle buffer for each packet before enqueue and free
> > the buffer on dequeue. But in case if there are enqueue failures, then
> > code should free the fle buffers.
> >
> > Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> > ---
> 
> You should use check-git-log
> $ ./devtools/check-git-log.sh -14
> Wrong headline format:
>         crypto/dpaa_sec : fix secondary process probe Wrong headline prefix:
>         dpaax/caamflib: remove obsolete code
>         crypto/dpaa2_sec: per queue pair fle pool
>         crypto/dpaa_sec: remove unused thread specific variables Wrong headline
> case:
>                         "crypto/dpaa_sec: fix length for chain fd in raw sec driver": fd -->
> FD Wrong headline case:
>                         "crypto/dpaa2_sec: fix length for chain fd in raw sec driver": fd -->
> FD Wrong headline case:
>                         "crypto/dpaa2_sec: fix operation status for simple fd": fd --> FD
> Headline too long:
>         crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues
> Wrong 'Fixes' reference:
>         Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
> 
> Invalid patch(es) found - checked 14 patches

In two of the patches check-git-log is giving below error:

Wrong headline prefix:
        crypto/dpaa2_sec: per queue pair fle pool
        crypto/dpaa_sec: remove unused thread specific variables

Invalid patch(es) found - checked 14 patches

These patches have changes in bus as well in crypto drivers. What would be the correct headline prefix for these patches? Please advise.

^ permalink raw reply	[flat|nested] 33+ messages in thread

* RE: [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
  2022-04-28  9:23   ` Gagandeep Singh
@ 2022-04-28  9:29     ` Akhil Goyal
  0 siblings, 0 replies; 33+ messages in thread
From: Akhil Goyal @ 2022-04-28  9:29 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: stable

> > You should use check-git-log
> > $ ./devtools/check-git-log.sh -14
> > Wrong headline format:
> >         crypto/dpaa_sec : fix secondary process probe Wrong headline prefix:
> >         dpaax/caamflib: remove obsolete code
> >         crypto/dpaa2_sec: per queue pair fle pool
> >         crypto/dpaa_sec: remove unused thread specific variables Wrong
> headline
> > case:
> >                         "crypto/dpaa_sec: fix length for chain fd in raw sec driver": fd -->
> > FD Wrong headline case:
> >                         "crypto/dpaa2_sec: fix length for chain fd in raw sec driver": fd --
> >
> > FD Wrong headline case:
> >                         "crypto/dpaa2_sec: fix operation status for simple fd": fd --> FD
> > Headline too long:
> >         crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues
> > Wrong 'Fixes' reference:
> >         Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
> >
> > Invalid patch(es) found - checked 14 patches
> 
> In two of the patches check-git-log is giving below error:
> 
> Wrong headline prefix:
>         crypto/dpaa2_sec: per queue pair fle pool
>         crypto/dpaa_sec: remove unused thread specific variables
> 
> Invalid patch(es) found - checked 14 patches
> 
> These patches have changes in bus as well in crypto drivers. What would be the
> correct headline prefix for these patches? Please advise.

If the major/main change is in crypto driver, then it should be crypto/xxx or else bus/xxx

^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (13 preceding siblings ...)
  2022-04-28  7:15 ` [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Akhil Goyal
@ 2022-04-28 11:47 ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                     ` (14 more replies)
  14 siblings, 15 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Change-log:
Fixed git log issues.

Gagandeep Singh (13):
  crypto/dpaa2_sec: fix fle buffer leak
  crypto/dpaa2_sec: fix buffer pool ID check
  crypto/dpaa_sec: fix length for chain FD in raw sec driver
  crypto/dpaa2_sec: fix length for chain FD in raw sec driver
  crypto/dpaa_sec: physically enable QI
  crypto/dpaa_sec: replace use of old build macros
  common/dpaax: remove obsolete code
  crypto/dpaa2_sec: per queue pair fle pool
  crypto/dpaa2_sec: fix crypto op pointer value
  crypto/dpaa2_sec: fix operation status for simple FD
  bus/dpaa: remove unused thread specific variables
  crypto/dpaa_sec: move cdb prepration to session create
  common/dpaax: fix short MAC-I IV calculation for zuc

Vanshika Shukla (1):
  crypto/dpaa_sec: fix secondary process probe

 drivers/bus/dpaa/rte_dpaa_bus.h               |   8 +-
 drivers/bus/fslmc/portal/dpaa2_hw_dpio.c      |   4 +-
 drivers/bus/fslmc/portal/dpaa2_hw_pvt.h       |   3 +-
 drivers/common/dpaax/caamflib/desc/ipsec.h    |  34 +--
 drivers/common/dpaax/caamflib/desc/pdcp.h     |   2 +-
 .../dpaax/caamflib/rta/fifo_load_store_cmd.h  |  15 --
 .../common/dpaax/caamflib/rta/header_cmd.h    |  15 +-
 drivers/common/dpaax/caamflib/rta/jump_cmd.h  |  16 --
 drivers/common/dpaax/caamflib/rta/key_cmd.h   |  12 -
 drivers/common/dpaax/caamflib/rta/math_cmd.h  |  29 ---
 drivers/common/dpaax/caamflib/rta/move_cmd.h  |  39 +--
 drivers/common/dpaax/caamflib/rta/nfifo_cmd.h |   6 -
 .../common/dpaax/caamflib/rta/operation_cmd.h |  20 --
 .../common/dpaax/caamflib/rta/protocol_cmd.h  |  29 ---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   | 232 ++++++++++--------
 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h     |   5 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c   |  10 +-
 drivers/crypto/dpaa_sec/dpaa_sec.c            |  74 ++++--
 drivers/crypto/dpaa_sec/dpaa_sec.h            |   6 +
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c     |  14 +-
 drivers/net/dpaa2/dpaa2_ethdev.h              |   4 +-
 drivers/net/dpaa2/dpaa2_rxtx.c                |   3 +-
 22 files changed, 233 insertions(+), 347 deletions(-)

-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 01/14] crypto/dpaa2_sec: fix fle buffer leak
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
                     ` (13 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver allocates a fle buffer for each packet
before enqueue and free the buffer on dequeue. But in case if
there are enqueue failures, then code should free the fle buffers.

Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
Fixes: 3ffce51a1f04 ("crypto/dpaa2_sec: add enqueue retry timeout")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 35 ++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index e62d04852b..03fef5e500 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2021 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 
@@ -64,6 +64,27 @@ enum dpaa2_sec_dump_levels {
 uint8_t cryptodev_driver_id;
 uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP;
 
+static inline void
+free_fle(const struct qbman_fd *fd)
+{
+	struct qbman_fle *fle;
+	struct rte_crypto_op *op;
+	struct ctxt_priv *priv;
+
+#ifdef RTE_LIB_SECURITY
+	if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single)
+		return;
+#endif
+	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
+	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
+	/* free the fle memory */
+	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) {
+		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
+		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
+	} else
+		rte_free((void *)(fle-1));
+}
+
 #ifdef RTE_LIB_SECURITY
 static inline int
 build_proto_compound_sg_fd(dpaa2_sec_session *sess,
@@ -1513,6 +1534,12 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
@@ -1854,6 +1881,12 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 02/14] crypto/dpaa2_sec: fix buffer pool ID check
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 03/14] crypto/dpaa_sec: fix length for chain FD in raw sec driver Gagandeep Singh
                     ` (12 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Simple fd rely on bpid of the buffers whereas
other FD types can support buffers without bpid
of pool.

So moving the bpid check to simple fd to mbuf
conversion function.

Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 03fef5e500..2374d67978 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1566,6 +1566,10 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	int16_t diff = 0;
 	dpaa2_sec_session *sess_priv __rte_unused;
 
+	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
+		DPAA2_SEC_ERR("error: non inline buffer");
+		return NULL;
+	}
 	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
 		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size);
@@ -1612,11 +1616,6 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 	 * We can have a better approach to use the inline Mbuf
 	 */
 
-	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
-		/* TODO complete it. */
-		DPAA2_SEC_ERR("error: non inline buffer");
-		return NULL;
-	}
 	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
 
 	/* Prefeth op */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 03/14] crypto/dpaa_sec: fix length for chain FD in raw sec driver
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 04/14] crypto/dpaa2_sec: " Gagandeep Singh
                     ` (11 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

DPAA sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: 78156d38e112 ("crypto/dpaa_sec: support authonly and chain with raw API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
index 522685f8cf..29f4e6d40b 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <rte_byteorder.h>
@@ -397,8 +397,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 	unsigned int i;
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int data_len = 0, auth_len = 0, cipher_len = 0;
 
 	for (i = 0; i < sgl->num; i++)
@@ -406,6 +406,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 
 	if (sgl->num > MAX_SG_ENTRIES) {
 		DPAA_SEC_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
@@ -448,6 +450,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, dest_sgl->vec[i].iova);
 			sg->length = dest_sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	} else {
 		qm_sg_entry_set64(sg, sgl->vec[0].iova);
 		sg->length = sgl->vec[0].len - ofs.ofs.cipher.head;
@@ -460,6 +463,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, sgl->vec[i].iova);
 			sg->length = sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (is_encode(ses)) {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 04/14] crypto/dpaa2_sec: fix length for chain FD in raw sec driver
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (2 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 03/14] crypto/dpaa_sec: fix length for chain FD in raw sec driver Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 05/14] crypto/dpaa_sec: physically enable QI Gagandeep Singh
                     ` (10 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

DPAA2 sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: aa6ec1fd8443 ("crypto/dpaa2_sec: support authenc with raw buffer API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
index 74f2045637..e68a4875dd 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <cryptodev_pmd.h>
@@ -44,8 +44,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
 
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int icv_len = sess->digest_length;
 	uint8_t *old_icv;
 	uint8_t *iv_ptr = iv->va;
@@ -55,6 +55,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 	/* first FLE entry used to store session ctxt */
 	fle = (struct qbman_fle *)rte_malloc(NULL,
 			FLE_SG_MEM_SIZE(2 * sgl->num),
@@ -104,6 +106,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = dest_sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	} else {
 		/* Configure Output SGE for Encap/Decap */
 		DPAA2_SET_FLE_ADDR(sge, sgl->vec[0].iova);
@@ -117,6 +120,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (sess->dir == DIR_ENC) {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 05/14] crypto/dpaa_sec: physically enable QI
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (3 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 04/14] crypto/dpaa2_sec: " Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 06/14] crypto/dpaa_sec: replace use of old build macros Gagandeep Singh
                     ` (9 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

To perform crypto operations on DPAA platform,
QI interface of HW must be enabled.
Earlier DPAA crypto driver was dependent on
kernel for QI enable. Now with this patch
there is no such dependency on kernel.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 30 ++++++++++++++++++++++++++++--
 drivers/crypto/dpaa_sec/dpaa_sec.h |  6 ++++++
 2 files changed, 34 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index ed12d6663b..23a94d7e41 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2017-2021 NXP
+ *   Copyright 2017-2022 NXP
  *
  */
 
@@ -20,6 +20,7 @@
 #endif
 #include <rte_cycles.h>
 #include <rte_dev.h>
+#include <rte_io.h>
 #include <rte_ip.h>
 #include <rte_kvargs.h>
 #include <rte_malloc.h>
@@ -3654,9 +3655,35 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 	struct dpaa_sec_qp *qp;
 	uint32_t i, flags;
 	int ret;
+	void *cmd_map;
+	int map_fd = -1;
 
 	PMD_INIT_FUNC_TRACE();
 
+	internals = cryptodev->data->dev_private;
+	map_fd = open("/dev/mem", O_RDWR);
+	if (unlikely(map_fd < 0)) {
+		DPAA_SEC_ERR("Unable to open (/dev/mem)");
+		return map_fd;
+	}
+	internals->sec_hw = mmap(NULL, MAP_SIZE, PROT_READ | PROT_WRITE,
+			    MAP_SHARED, map_fd, SEC_BASE_ADDR);
+	if (internals->sec_hw == MAP_FAILED) {
+		DPAA_SEC_ERR("Memory map failed");
+		close(map_fd);
+		return -EINVAL;
+	}
+	cmd_map = (uint8_t *)internals->sec_hw +
+		  (BLOCK_OFFSET * QI_BLOCK_NUMBER) + CMD_REG;
+	if (!(be32_to_cpu(rte_read32(cmd_map)) & QICTL_DQEN))
+		/* enable QI interface */
+		rte_write32(cpu_to_be32(QICTL_DQEN), cmd_map);
+
+	ret = munmap(internals->sec_hw, MAP_SIZE);
+	if (ret)
+		DPAA_SEC_WARN("munmap failed\n");
+
+	close(map_fd);
 	cryptodev->driver_id = dpaa_cryptodev_driver_id;
 	cryptodev->dev_ops = &crypto_ops;
 
@@ -3673,7 +3700,6 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
 			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT;
 
-	internals = cryptodev->data->dev_private;
 	internals->max_nb_queue_pairs = RTE_DPAA_MAX_NB_SEC_QPS;
 	internals->max_nb_sessions = RTE_DPAA_SEC_PMD_MAX_NB_SESSIONS;
 
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h
index b3f2258ead..8921e3ed89 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.h
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.h
@@ -10,6 +10,12 @@
 #define CRYPTODEV_NAME_DPAA_SEC_PMD	crypto_dpaa_sec
 /**< NXP DPAA - SEC PMD device name */
 
+#define SEC_BASE_ADDR		0x1700000
+#define MAP_SIZE		0x100000
+#define BLOCK_OFFSET		0x10000
+#define CMD_REG			0x4
+#define QICTL_DQEN		0x01
+#define QI_BLOCK_NUMBER		7
 #define MAX_DPAA_CORES		4
 #define NUM_POOL_CHANNELS	4
 #define DPAA_SEC_BURST		7
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 06/14] crypto/dpaa_sec: replace use of old build macros
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (4 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 05/14] crypto/dpaa_sec: physically enable QI Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 07/14] common/dpaax: remove obsolete code Gagandeep Singh
                     ` (8 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Use the newer security macros defined by meson.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
index 29f4e6d40b..d081953e26 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
@@ -645,7 +645,7 @@ build_dpaa_raw_dp_cipher_fd(uint8_t *drv_ctx,
 	return cf;
 }
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 static inline struct dpaa_sec_job *
 build_dpaa_raw_proto_sg(uint8_t *drv_ctx,
 			struct rte_crypto_sgl *sgl,
@@ -1036,7 +1036,7 @@ dpaa_sec_configure_raw_dp_ctx(struct rte_cryptodev *dev, uint16_t qp_id,
 		sess->build_raw_dp_fd = build_dpaa_raw_dp_chain_fd;
 	else if (sess->ctxt == DPAA_SEC_AEAD)
 		sess->build_raw_dp_fd = build_raw_cipher_auth_gcm_sg;
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef RTE_LIB_SECURITY
 	else if (sess->ctxt == DPAA_SEC_IPSEC ||
 			sess->ctxt == DPAA_SEC_PDCP)
 		sess->build_raw_dp_fd = build_dpaa_raw_proto_sg;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 07/14] common/dpaax: remove obsolete code
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (5 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 06/14] crypto/dpaa_sec: replace use of old build macros Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 08/14] crypto/dpaa_sec: fix secondary process probe Gagandeep Singh
                     ` (7 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Remove sec era 1 to 7 IPsec and caam operations code
as none of the NXP platform use it.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/ipsec.h    | 34 +++-------------
 .../dpaax/caamflib/rta/fifo_load_store_cmd.h  | 15 -------
 .../common/dpaax/caamflib/rta/header_cmd.h    | 15 +------
 drivers/common/dpaax/caamflib/rta/jump_cmd.h  | 16 --------
 drivers/common/dpaax/caamflib/rta/key_cmd.h   | 12 ------
 drivers/common/dpaax/caamflib/rta/math_cmd.h  | 29 --------------
 drivers/common/dpaax/caamflib/rta/move_cmd.h  | 39 ++++---------------
 drivers/common/dpaax/caamflib/rta/nfifo_cmd.h |  6 ---
 .../common/dpaax/caamflib/rta/operation_cmd.h | 20 ----------
 .../common/dpaax/caamflib/rta/protocol_cmd.h  | 29 --------------
 10 files changed, 15 insertions(+), 200 deletions(-)

diff --git a/drivers/common/dpaax/caamflib/desc/ipsec.h b/drivers/common/dpaax/caamflib/desc/ipsec.h
index 668d21649d..8ec6aac915 100644
--- a/drivers/common/dpaax/caamflib/desc/ipsec.h
+++ b/drivers/common/dpaax/caamflib/desc/ipsec.h
@@ -774,14 +774,9 @@ cnstr_shdsc_ipsec_encap(uint32_t *descbuf, bool ps, bool swap,
 	COPY_DATA(p, pdb->ip_hdr, pdb->ip_hdr_len);
 	SET_LABEL(p, hdr);
 	pkeyjmp = JUMP(p, keyjmp, LOCAL_JUMP, ALL_TRUE, BOTH|SHRD);
-	if (authdata->keylen) {
-		if (rta_sec_era < RTA_SEC_ERA_6)
-			KEY(p, MDHA_SPLIT_KEY, authdata->key_enc_flags,
-			    authdata->key, authdata->keylen,
-			    INLINE_KEY(authdata));
-		else
-			__gen_auth_key(p, authdata);
-	}
+	if (authdata->keylen)
+		__gen_auth_key(p, authdata);
+
 	if (cipherdata->keylen)
 		KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key,
 		    cipherdata->keylen, INLINE_KEY(cipherdata));
@@ -841,14 +836,9 @@ cnstr_shdsc_ipsec_decap(uint32_t *descbuf, bool ps, bool swap,
 	__rta_copy_ipsec_decap_pdb(p, pdb, cipherdata->algtype);
 	SET_LABEL(p, hdr);
 	pkeyjmp = JUMP(p, keyjmp, LOCAL_JUMP, ALL_TRUE, BOTH|SHRD);
-	if (authdata->keylen) {
-		if (rta_sec_era < RTA_SEC_ERA_6)
-			KEY(p, MDHA_SPLIT_KEY, authdata->key_enc_flags,
-			    authdata->key, authdata->keylen,
-			    INLINE_KEY(authdata));
-		else
-			__gen_auth_key(p, authdata);
-	}
+	if (authdata->keylen)
+		__gen_auth_key(p, authdata);
+
 	if (cipherdata->keylen)
 		KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key,
 		    cipherdata->keylen, INLINE_KEY(cipherdata));
@@ -1248,12 +1238,6 @@ cnstr_shdsc_ipsec_new_encap(uint32_t *descbuf, bool ps,
 	LABEL(l2copy);
 	REFERENCE(pl2copy);
 
-	if (rta_sec_era < RTA_SEC_ERA_8) {
-		pr_err("IPsec new mode encap: available only for Era %d or above\n",
-		       USER_SEC_ERA(RTA_SEC_ERA_8));
-		return -ENOTSUP;
-	}
-
 	PROGRAM_CNTXT_INIT(p, descbuf, 0);
 	if (swap)
 		PROGRAM_SET_BSWAP(p);
@@ -1363,12 +1347,6 @@ cnstr_shdsc_ipsec_new_decap(uint32_t *descbuf, bool ps,
 	LABEL(hdr);
 	REFERENCE(phdr);
 
-	if (rta_sec_era < RTA_SEC_ERA_8) {
-		pr_err("IPsec new mode decap: available only for Era %d or above\n",
-		       USER_SEC_ERA(RTA_SEC_ERA_8));
-		return -ENOTSUP;
-	}
-
 	PROGRAM_CNTXT_INIT(p, descbuf, 0);
 	if (swap)
 		PROGRAM_SET_BSWAP(p);
diff --git a/drivers/common/dpaax/caamflib/rta/fifo_load_store_cmd.h b/drivers/common/dpaax/caamflib/rta/fifo_load_store_cmd.h
index 287e09cd75..51d54deb16 100644
--- a/drivers/common/dpaax/caamflib/rta/fifo_load_store_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/fifo_load_store_cmd.h
@@ -68,11 +68,6 @@ rta_fifo_load(struct program *program, uint32_t src,
 			pr_err("SEQ FIFO LOAD: Invalid command\n");
 			goto err;
 		}
-		if ((rta_sec_era <= RTA_SEC_ERA_5) && (flags & AIDF)) {
-			pr_err("SEQ FIFO LOAD: Flag(s) not supported by SEC Era %d\n",
-			       USER_SEC_ERA(rta_sec_era));
-			goto err;
-		}
 		if ((flags & VLF) && ((flags & EXT) || (length >> 16))) {
 			pr_err("SEQ FIFO LOAD: Invalid usage of VLF\n");
 			goto err;
@@ -244,11 +239,6 @@ rta_fifo_store(struct program *program, uint32_t src,
 			goto err;
 		}
 	}
-	if ((rta_sec_era == RTA_SEC_ERA_7) && (src == AFHA_SBOX)) {
-		pr_err("FIFO STORE: AFHA S-box not supported by SEC Era %d\n",
-		       USER_SEC_ERA(rta_sec_era));
-		goto err;
-	}
 
 	/* write output data type field */
 	ret = __rta_map_opcode(src, fifo_store_table,
@@ -263,11 +253,6 @@ rta_fifo_store(struct program *program, uint32_t src,
 	if (encrypt_flags & TK)
 		opcode |= (0x1 << FIFOST_TYPE_SHIFT);
 	if (encrypt_flags & EKT) {
-		if (rta_sec_era == RTA_SEC_ERA_1) {
-			pr_err("FIFO STORE: AES-CCM source types not supported\n");
-			ret = -EINVAL;
-			goto err;
-		}
 		opcode |= (0x10 << FIFOST_TYPE_SHIFT);
 		opcode &= (uint32_t)~(0x20 << FIFOST_TYPE_SHIFT);
 	}
diff --git a/drivers/common/dpaax/caamflib/rta/header_cmd.h b/drivers/common/dpaax/caamflib/rta/header_cmd.h
index 45aefa04c1..779f84ebcb 100644
--- a/drivers/common/dpaax/caamflib/rta/header_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/header_cmd.h
@@ -155,12 +155,6 @@ rta_job_header(struct program *program,
 		goto err;
 	}
 
-	if ((rta_sec_era < RTA_SEC_ERA_7) && (flags & MTD) && !(flags & TD)) {
-		pr_err("JOB_DESC: Trying to MTD a descriptor that is not a TD. SEC Program Line: %d\n",
-		       program->current_pc);
-		goto err;
-	}
-
 	if ((flags & EXT) && !(flags & SHR) && (start_idx < 2)) {
 		pr_err("JOB_DESC: Start index must be >= 2 in case of no SHR and EXT. SEC Program Line: %d\n",
 		       program->current_pc);
@@ -183,15 +177,8 @@ rta_job_header(struct program *program,
 			hdr_ext |= ext_flags & DSEL_MASK;
 		}
 
-		if (ext_flags & FTD) {
-			if (rta_sec_era <= RTA_SEC_ERA_5) {
-				pr_err("JOB_DESC: Fake trusted descriptor not supported by SEC Era %d\n",
-				       USER_SEC_ERA(rta_sec_era));
-				goto err;
-			}
-
+		if (ext_flags & FTD)
 			hdr_ext |= HDR_EXT_FTD;
-		}
 	}
 	if (flags & RSMS)
 		opcode |= HDR_RSLS;
diff --git a/drivers/common/dpaax/caamflib/rta/jump_cmd.h b/drivers/common/dpaax/caamflib/rta/jump_cmd.h
index 18f781e373..0ce5a3e7c6 100644
--- a/drivers/common/dpaax/caamflib/rta/jump_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/jump_cmd.h
@@ -7,8 +7,6 @@
 #ifndef __RTA_JUMP_CMD_H__
 #define __RTA_JUMP_CMD_H__
 
-extern enum rta_sec_era rta_sec_era;
-
 static const uint32_t jump_test_cond[][2] = {
 	{ NIFP,     JUMP_COND_NIFP },
 	{ NIP,      JUMP_COND_NIP },
@@ -59,20 +57,6 @@ rta_jump(struct program *program, uint64_t address,
 	unsigned int start_pc = program->current_pc;
 	int ret = -EINVAL;
 
-	if (((jump_type == GOSUB) || (jump_type == RETURN)) &&
-	    (rta_sec_era < RTA_SEC_ERA_4)) {
-		pr_err("JUMP: Jump type not supported by SEC Era %d\n",
-		       USER_SEC_ERA(rta_sec_era));
-		goto err;
-	}
-
-	if (((jump_type == LOCAL_JUMP_INC) || (jump_type == LOCAL_JUMP_DEC)) &&
-	    (rta_sec_era <= RTA_SEC_ERA_5)) {
-		pr_err("JUMP_INCDEC: Jump type not supported by SEC Era %d\n",
-		       USER_SEC_ERA(rta_sec_era));
-		goto err;
-	}
-
 	switch (jump_type) {
 	case (LOCAL_JUMP):
 		/*
diff --git a/drivers/common/dpaax/caamflib/rta/key_cmd.h b/drivers/common/dpaax/caamflib/rta/key_cmd.h
index ec3fbcaf61..714918e18b 100644
--- a/drivers/common/dpaax/caamflib/rta/key_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/key_cmd.h
@@ -54,12 +54,6 @@ rta_key(struct program *program, uint32_t key_dst,
 			       program->current_instruction);
 			goto err;
 		}
-		if ((rta_sec_era <= RTA_SEC_ERA_5) &&
-		    ((flags & VLF) || (flags & AIDF))) {
-			pr_err("SEQKEY: Flag(s) not supported by SEC Era %d\n",
-			       USER_SEC_ERA(rta_sec_era));
-			goto err;
-		}
 	} else {
 		if ((flags & AIDF) || (flags & VLF)) {
 			pr_err("KEY: Invalid flag. SEC PC: %d; Instr: %d\n",
@@ -84,12 +78,6 @@ rta_key(struct program *program, uint32_t key_dst,
 	}
 
 	if (key_dst == AFHA_SBOX) {
-		if (rta_sec_era == RTA_SEC_ERA_7) {
-			pr_err("KEY: AFHA S-box not supported by SEC Era %d\n",
-			       USER_SEC_ERA(rta_sec_era));
-			goto err;
-		}
-
 		if (flags & IMMED) {
 			pr_err("KEY: Invalid flag. SEC PC: %d; Instr: %d\n",
 			       program->current_pc,
diff --git a/drivers/common/dpaax/caamflib/rta/math_cmd.h b/drivers/common/dpaax/caamflib/rta/math_cmd.h
index cca70f7e04..532c70c518 100644
--- a/drivers/common/dpaax/caamflib/rta/math_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/math_cmd.h
@@ -85,22 +85,7 @@ rta_math(struct program *program, uint64_t operand1,
 	int ret = -EINVAL;
 	unsigned int start_pc = program->current_pc;
 
-	if (((op == MATH_FUN_BSWAP) && (rta_sec_era < RTA_SEC_ERA_4)) ||
-	    ((op == MATH_FUN_ZBYT) && (rta_sec_era < RTA_SEC_ERA_2))) {
-		pr_err("MATH: operation not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-		       USER_SEC_ERA(rta_sec_era), program->current_pc,
-		       program->current_instruction);
-		goto err;
-	}
-
 	if (options & SWP) {
-		if (rta_sec_era < RTA_SEC_ERA_7) {
-			pr_err("MATH: operation not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-			       USER_SEC_ERA(rta_sec_era), program->current_pc,
-			       program->current_instruction);
-			goto err;
-		}
-
 		if ((options & IFB) ||
 		    (!(options & IMMED) && !(options & IMMED2)) ||
 		    ((options & IMMED) && (options & IMMED2))) {
@@ -258,26 +243,12 @@ rta_mathi(struct program *program, uint64_t operand,
 	int ret = -EINVAL;
 	unsigned int start_pc = program->current_pc;
 
-	if (rta_sec_era < RTA_SEC_ERA_6) {
-		pr_err("MATHI: Command not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-		       USER_SEC_ERA(rta_sec_era), program->current_pc,
-		       program->current_instruction);
-		goto err;
-	}
-
 	if (((op == MATH_FUN_FBYT) && (options & SSEL))) {
 		pr_err("MATHI: Illegal combination - FBYT and SSEL. SEC PC: %d; Instr: %d\n",
 		       program->current_pc, program->current_instruction);
 		goto err;
 	}
 
-	if ((options & SWP) && (rta_sec_era < RTA_SEC_ERA_7)) {
-		pr_err("MATHI: SWP not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-		       USER_SEC_ERA(rta_sec_era), program->current_pc,
-		       program->current_instruction);
-		goto err;
-	}
-
 	/* Write first operand field */
 	if (!(options & SSEL))
 		ret = __rta_map_opcode((uint32_t)operand, math_op1,
diff --git a/drivers/common/dpaax/caamflib/rta/move_cmd.h b/drivers/common/dpaax/caamflib/rta/move_cmd.h
index d2151c6dd7..ac1280c23a 100644
--- a/drivers/common/dpaax/caamflib/rta/move_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/move_cmd.h
@@ -95,26 +95,12 @@ rta_move(struct program *program, int cmd_type, uint64_t src,
 	bool is_move_len_cmd = false;
 	unsigned int start_pc = program->current_pc;
 
-	if ((rta_sec_era < RTA_SEC_ERA_7) && (cmd_type != __MOVE)) {
-		pr_err("MOVE: MOVEB / MOVEDW not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-		       USER_SEC_ERA(rta_sec_era), program->current_pc,
-		       program->current_instruction);
-		goto err;
-	}
-
 	/* write command type */
 	if (cmd_type == __MOVEB) {
 		opcode = CMD_MOVEB;
 	} else if (cmd_type == __MOVEDW) {
 		opcode = CMD_MOVEDW;
 	} else if (!(flags & IMMED)) {
-		if (rta_sec_era < RTA_SEC_ERA_3) {
-			pr_err("MOVE: MOVE_LEN not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-			       USER_SEC_ERA(rta_sec_era), program->current_pc,
-			       program->current_instruction);
-			goto err;
-		}
-
 		if ((length != MATH0) && (length != MATH1) &&
 		    (length != MATH2) && (length != MATH3)) {
 			pr_err("MOVE: MOVE_LEN length must be MATH[0-3]. SEC PC: %d; Instr: %d\n",
@@ -153,24 +139,15 @@ rta_move(struct program *program, int cmd_type, uint64_t src,
 		else
 			offset = dst_offset;
 
-		if (rta_sec_era < RTA_SEC_ERA_6) {
-			if (offset)
-				pr_debug("MOVE: Offset not supported by SEC Era %d. SEC PC: %d; Instr: %d\n",
-					 USER_SEC_ERA(rta_sec_era),
-					 program->current_pc,
-					 program->current_instruction);
-			/* nothing to do for offset = 0 */
-		} else {
-			ret = math_offset(offset);
-			if (ret < 0) {
-				pr_err("MOVE: Invalid offset in MATH register. SEC PC: %d; Instr: %d\n",
-				       program->current_pc,
-				       program->current_instruction);
-				goto err;
-			}
-
-			opcode |= (uint32_t)ret;
+		ret = math_offset(offset);
+		if (ret < 0) {
+			pr_err("MOVE: Invalid offset in MATH register. SEC PC: %d; Instr: %d\n",
+			       program->current_pc,
+			       program->current_instruction);
+			goto err;
 		}
+
+		opcode |= (uint32_t)ret;
 	}
 
 	/* write source field */
diff --git a/drivers/common/dpaax/caamflib/rta/nfifo_cmd.h b/drivers/common/dpaax/caamflib/rta/nfifo_cmd.h
index 85092d9612..8131acd9e4 100644
--- a/drivers/common/dpaax/caamflib/rta/nfifo_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/nfifo_cmd.h
@@ -102,12 +102,6 @@ rta_nfifo_load(struct program *program, uint32_t src,
 			    LDST_SRCDST_WORD_INFO_FIFO;
 	unsigned int start_pc = program->current_pc;
 
-	if ((data == AFHA_SBOX) && (rta_sec_era == RTA_SEC_ERA_7)) {
-		pr_err("NFIFO: AFHA S-box not supported by SEC Era %d\n",
-		       USER_SEC_ERA(rta_sec_era));
-		goto err;
-	}
-
 	/* write source field */
 	ret = __rta_map_opcode(src, nfifo_src, nfifo_src_sz[rta_sec_era], &val);
 	if (ret < 0) {
diff --git a/drivers/common/dpaax/caamflib/rta/operation_cmd.h b/drivers/common/dpaax/caamflib/rta/operation_cmd.h
index 3d339cb0a0..fe1ac37ee8 100644
--- a/drivers/common/dpaax/caamflib/rta/operation_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/operation_cmd.h
@@ -19,8 +19,6 @@ __rta_alg_aai_aes(uint16_t aai)
 	uint16_t aes_mode = aai & OP_ALG_AESA_MODE_MASK;
 
 	if (aai & OP_ALG_AAI_C2K) {
-		if (rta_sec_era < RTA_SEC_ERA_5)
-			return -1;
 		if ((aes_mode != OP_ALG_AAI_CCM) &&
 		    (aes_mode != OP_ALG_AAI_GCM))
 			return -EINVAL;
@@ -30,9 +28,6 @@ __rta_alg_aai_aes(uint16_t aai)
 	case OP_ALG_AAI_CBC_CMAC:
 	case OP_ALG_AAI_CTR_CMAC_LTE:
 	case OP_ALG_AAI_CTR_CMAC:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_ALG_AAI_CTR:
 	case OP_ALG_AAI_CBC:
 	case OP_ALG_AAI_ECB:
@@ -72,9 +67,6 @@ __rta_alg_aai_md5(uint16_t aai)
 {
 	switch (aai) {
 	case OP_ALG_AAI_HMAC:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_ALG_AAI_SMAC:
 	case OP_ALG_AAI_HASH:
 	case OP_ALG_AAI_HMAC_PRECOMP:
@@ -89,9 +81,6 @@ __rta_alg_aai_sha(uint16_t aai)
 {
 	switch (aai) {
 	case OP_ALG_AAI_HMAC:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_ALG_AAI_HASH:
 	case OP_ALG_AAI_HMAC_PRECOMP:
 		return 0;
@@ -115,15 +104,6 @@ __rta_alg_aai_rng(uint16_t aai)
 		return -EINVAL;
 	}
 
-	/* State Handle bits are valid only for SEC Era >= 5 */
-	if ((rta_sec_era < RTA_SEC_ERA_5) && rng_sh)
-		return -EINVAL;
-
-	/* PS, AI, SK bits are also valid only for SEC Era >= 5 */
-	if ((rta_sec_era < RTA_SEC_ERA_5) && (aai &
-	     (OP_ALG_AAI_RNG4_PS | OP_ALG_AAI_RNG4_AI | OP_ALG_AAI_RNG4_SK)))
-		return -EINVAL;
-
 	switch (rng_sh) {
 	case OP_ALG_AAI_RNG4_SH_0:
 	case OP_ALG_AAI_RNG4_SH_1:
diff --git a/drivers/common/dpaax/caamflib/rta/protocol_cmd.h b/drivers/common/dpaax/caamflib/rta/protocol_cmd.h
index e9f20703f2..ac5c8af716 100644
--- a/drivers/common/dpaax/caamflib/rta/protocol_cmd.h
+++ b/drivers/common/dpaax/caamflib/rta/protocol_cmd.h
@@ -32,9 +32,6 @@ __rta_ssl_proto(uint16_t protoinfo)
 	case OP_PCL_TLS_ECDHE_RSA_WITH_RC4_128_SHA:
 	case OP_PCL_TLS_ECDH_anon_WITH_RC4_128_SHA:
 	case OP_PCL_TLS_ECDHE_PSK_WITH_RC4_128_SHA:
-		if (rta_sec_era == RTA_SEC_ERA_7)
-			return -EINVAL;
-		/* fall through if not Era 7 */
 	case OP_PCL_TLS_RSA_EXPORT_WITH_DES40_CBC_SHA:
 	case OP_PCL_TLS_RSA_WITH_DES_CBC_SHA:
 	case OP_PCL_TLS_RSA_WITH_3DES_EDE_CBC_SHA:
@@ -215,9 +212,6 @@ __rta_ipsec_proto(uint16_t protoinfo)
 
 	switch (proto_cls1) {
 	case OP_PCL_IPSEC_AES_NULL_WITH_GMAC:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_PCL_IPSEC_AES_CCM8:
 	case OP_PCL_IPSEC_AES_CCM12:
 	case OP_PCL_IPSEC_AES_CCM16:
@@ -229,9 +223,6 @@ __rta_ipsec_proto(uint16_t protoinfo)
 			return 0;
 		return -EINVAL;
 	case OP_PCL_IPSEC_NULL:
-		if (rta_sec_era < RTA_SEC_ERA_2)
-			return -EINVAL;
-		/* no break */
 	case OP_PCL_IPSEC_DES_IV64:
 	case OP_PCL_IPSEC_DES:
 	case OP_PCL_IPSEC_3DES:
@@ -351,9 +342,6 @@ __rta_blob_proto(uint16_t protoinfo)
 
 	switch (protoinfo & OP_PCL_BLOB_REG_MASK) {
 	case OP_PCL_BLOB_AFHA_SBOX:
-		if (rta_sec_era < RTA_SEC_ERA_3)
-			return -EINVAL;
-		/* no break */
 	case OP_PCL_BLOB_REG_MEMORY:
 	case OP_PCL_BLOB_REG_KEY1:
 	case OP_PCL_BLOB_REG_KEY2:
@@ -368,12 +356,6 @@ __rta_blob_proto(uint16_t protoinfo)
 static inline int
 __rta_dlc_proto(uint16_t protoinfo)
 {
-	if ((rta_sec_era < RTA_SEC_ERA_2) &&
-	    (protoinfo & (OP_PCL_PKPROT_DSA_MSG | OP_PCL_PKPROT_HASH_MASK |
-	     OP_PCL_PKPROT_EKT_Z | OP_PCL_PKPROT_DECRYPT_Z |
-	     OP_PCL_PKPROT_DECRYPT_PRI)))
-		return -EINVAL;
-
 	switch (protoinfo & OP_PCL_PKPROT_HASH_MASK) {
 	case OP_PCL_PKPROT_HASH_MD5:
 	case OP_PCL_PKPROT_HASH_SHA1:
@@ -482,9 +464,6 @@ __rta_dkp_proto(uint16_t protoinfo)
 static inline int
 __rta_3g_dcrc_proto(uint16_t protoinfo)
 {
-	if (rta_sec_era == RTA_SEC_ERA_7)
-		return -EINVAL;
-
 	switch (protoinfo) {
 	case OP_PCL_3G_DCRC_CRC7:
 	case OP_PCL_3G_DCRC_CRC11:
@@ -497,9 +476,6 @@ __rta_3g_dcrc_proto(uint16_t protoinfo)
 static inline int
 __rta_3g_rlc_proto(uint16_t protoinfo)
 {
-	if (rta_sec_era == RTA_SEC_ERA_7)
-		return -EINVAL;
-
 	switch (protoinfo) {
 	case OP_PCL_3G_RLC_NULL:
 	case OP_PCL_3G_RLC_KASUMI:
@@ -513,13 +489,8 @@ __rta_3g_rlc_proto(uint16_t protoinfo)
 static inline int
 __rta_lte_pdcp_proto(uint16_t protoinfo)
 {
-	if (rta_sec_era == RTA_SEC_ERA_7)
-		return -EINVAL;
-
 	switch (protoinfo) {
 	case OP_PCL_LTE_ZUC:
-		if (rta_sec_era < RTA_SEC_ERA_5)
-			break;
 	case OP_PCL_LTE_NULL:
 	case OP_PCL_LTE_SNOW:
 	case OP_PCL_LTE_AES:
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 08/14] crypto/dpaa_sec: fix secondary process probe
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (6 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 07/14] common/dpaax: remove obsolete code Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 09/14] crypto/dpaa2_sec: per queue pair fle pool Gagandeep Singh
                     ` (6 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Vanshika Shukla, stable

From: Vanshika Shukla <vanshika.shukla@nxp.com>

DPAA hardware supports non-i/o performing secondary
applications only. So we do not have to probe crypto
devices in secondary applications.

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org

Signed-off-by: Vanshika Shukla <vanshika.shukla@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 23a94d7e41..6f2b4baf57 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -3766,23 +3766,24 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 
 	int retval;
 
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+		return 0;
+
 	snprintf(cryptodev_name, sizeof(cryptodev_name), "%s", dpaa_dev->name);
 
 	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
 	if (cryptodev == NULL)
 		return -ENOMEM;
 
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
-		cryptodev->data->dev_private = rte_zmalloc_socket(
-					"cryptodev private structure",
-					sizeof(struct dpaa_sec_dev_private),
-					RTE_CACHE_LINE_SIZE,
-					rte_socket_id());
+	cryptodev->data->dev_private = rte_zmalloc_socket(
+				"cryptodev private structure",
+				sizeof(struct dpaa_sec_dev_private),
+				RTE_CACHE_LINE_SIZE,
+				rte_socket_id());
 
-		if (cryptodev->data->dev_private == NULL)
-			rte_panic("Cannot allocate memzone for private "
-					"device data");
-	}
+	if (cryptodev->data->dev_private == NULL)
+		rte_panic("Cannot allocate memzone for private "
+				"device data");
 
 	dpaa_dev->crypto_dev = cryptodev;
 	cryptodev->device = &dpaa_dev->device;
@@ -3824,8 +3825,7 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 	retval = -ENXIO;
 out:
 	/* In case of error, cleanup is done */
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
-		rte_free(cryptodev->data->dev_private);
+	rte_free(cryptodev->data->dev_private);
 
 	rte_cryptodev_pmd_release_device(cryptodev);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 09/14] crypto/dpaa2_sec: per queue pair fle pool
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (7 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 08/14] crypto/dpaa_sec: fix secondary process probe Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 10/14] crypto/dpaa2_sec: fix crypto op pointer value Gagandeep Singh
                     ` (5 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Driver is creating a fle pool with a fixed number of
buffers for all queue pairs of a DPSECI object.
These fle buffers are equivalent to the number of descriptors.

In this patch, creating the fle pool for each queue pair
so that user can control the number of descriptors of a
queue pair using API rte_cryptodev_queue_pair_setup().

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/bus/fslmc/portal/dpaa2_hw_dpio.c    |   4 +-
 drivers/bus/fslmc/portal/dpaa2_hw_pvt.h     |   3 +-
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 190 ++++++++++----------
 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h   |   5 +-
 drivers/net/dpaa2/dpaa2_ethdev.h            |   4 +-
 drivers/net/dpaa2/dpaa2_rxtx.c              |   3 +-
 6 files changed, 101 insertions(+), 108 deletions(-)

diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
index 943fadee48..22c51c1a82 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2019 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 #include <unistd.h>
@@ -614,7 +614,7 @@ dpaa2_free_eq_descriptors(void)
 
 		if (qbman_result_eqresp_rc(eqresp)) {
 			txq = eqresp_meta->dpaa2_q;
-			txq->cb_eqresp_free(dpio_dev->eqresp_ci);
+			txq->cb_eqresp_free(dpio_dev->eqresp_ci, txq);
 		}
 		qbman_result_eqresp_set_rspid(eqresp, 0);
 
diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_pvt.h b/drivers/bus/fslmc/portal/dpaa2_hw_pvt.h
index 36d68ea0aa..024fbf9935 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_pvt.h
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_pvt.h
@@ -147,7 +147,8 @@ typedef void (dpaa2_queue_cb_dqrr_t)(struct qbman_swp *swp,
 		struct dpaa2_queue *rxq,
 		struct rte_event *ev);
 
-typedef void (dpaa2_queue_cb_eqresp_free_t)(uint16_t eqresp_ci);
+typedef void (dpaa2_queue_cb_eqresp_free_t)(uint16_t eqresp_ci,
+					struct dpaa2_queue *dpaa2_q);
 
 struct dpaa2_queue {
 	struct rte_mempool *mb_pool; /**< mbuf pool to populate RX ring. */
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 2374d67978..86c8df241b 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -65,11 +65,10 @@ uint8_t cryptodev_driver_id;
 uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP;
 
 static inline void
-free_fle(const struct qbman_fd *fd)
+free_fle(const struct qbman_fd *fd, struct dpaa2_sec_qp *qp)
 {
 	struct qbman_fle *fle;
 	struct rte_crypto_op *op;
-	struct ctxt_priv *priv;
 
 #ifdef RTE_LIB_SECURITY
 	if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single)
@@ -78,10 +77,9 @@ free_fle(const struct qbman_fd *fd)
 	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
 	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
 	/* free the fle memory */
-	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) {
-		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
-		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
-	} else
+	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src)))
+		rte_mempool_put(qp->fle_pool, (void *)(fle-1));
+	else
 		rte_free((void *)(fle-1));
 }
 
@@ -206,7 +204,7 @@ build_proto_compound_sg_fd(dpaa2_sec_session *sess,
 static inline int
 build_proto_compound_fd(dpaa2_sec_session *sess,
 	       struct rte_crypto_op *op,
-	       struct qbman_fd *fd, uint16_t bpid)
+	       struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct ctxt_priv *priv = sess->ctxt;
@@ -223,9 +221,9 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
 	flc = &priv->flc_desc[0].flc;
 
 	/* we are using the first FLE entry to store Mbuf */
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_DP_ERR("Memory alloc failed");
+		DPAA2_SEC_DP_DEBUG("Proto: Memory alloc failed");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -282,11 +280,11 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
 static inline int
 build_proto_fd(dpaa2_sec_session *sess,
 	       struct rte_crypto_op *op,
-	       struct qbman_fd *fd, uint16_t bpid)
+	       struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	if (sym_op->m_dst)
-		return build_proto_compound_fd(sess, op, fd, bpid);
+		return build_proto_compound_fd(sess, op, fd, bpid, qp);
 
 	struct ctxt_priv *priv = sess->ctxt;
 	struct sec_flow_context *flc;
@@ -461,7 +459,8 @@ build_authenc_gcm_sg_fd(dpaa2_sec_session *sess,
 static inline int
 build_authenc_gcm_fd(dpaa2_sec_session *sess,
 		     struct rte_crypto_op *op,
-		     struct qbman_fd *fd, uint16_t bpid)
+		     struct qbman_fd *fd, uint16_t bpid,
+		     struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct ctxt_priv *priv = sess->ctxt;
@@ -485,9 +484,9 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
 	 * to get the MBUF Addr from the previous FLE.
 	 * We can have a better approach to use the inline Mbuf
 	 */
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_ERR("GCM: Memory alloc failed for SGE");
+		DPAA2_SEC_DP_DEBUG("GCM: no buffer available in fle pool");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -748,7 +747,7 @@ build_authenc_sg_fd(dpaa2_sec_session *sess,
 static inline int
 build_authenc_fd(dpaa2_sec_session *sess,
 		 struct rte_crypto_op *op,
-		 struct qbman_fd *fd, uint16_t bpid)
+		 struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct ctxt_priv *priv = sess->ctxt;
@@ -777,9 +776,9 @@ build_authenc_fd(dpaa2_sec_session *sess,
 	 * to get the MBUF Addr from the previous FLE.
 	 * We can have a better approach to use the inline Mbuf
 	 */
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_ERR("Memory alloc failed for SGE");
+		DPAA2_SEC_DP_DEBUG("AUTHENC: no buffer available in fle pool");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -1010,7 +1009,7 @@ static inline int build_auth_sg_fd(
 
 static inline int
 build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
-	      struct qbman_fd *fd, uint16_t bpid)
+	      struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct qbman_fle *fle, *sge;
@@ -1034,9 +1033,9 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 		data_offset = data_offset >> 3;
 	}
 
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_ERR("AUTH Memory alloc failed for SGE");
+		DPAA2_SEC_DP_DEBUG("AUTH: no buffer available in fle pool");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -1257,7 +1256,7 @@ build_cipher_sg_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 
 static int
 build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
-		struct qbman_fd *fd, uint16_t bpid)
+		struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	struct rte_crypto_sym_op *sym_op = op->sym;
 	struct qbman_fle *fle, *sge;
@@ -1287,9 +1286,9 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 	else
 		dst = sym_op->m_src;
 
-	retval = rte_mempool_get(priv->fle_pool, (void **)(&fle));
+	retval = rte_mempool_get(qp->fle_pool, (void **)(&fle));
 	if (retval) {
-		DPAA2_SEC_ERR("CIPHER: Memory alloc failed for SGE");
+		DPAA2_SEC_DP_DEBUG("CIPHER: no buffer available in fle pool");
 		return -ENOMEM;
 	}
 	memset(fle, 0, FLE_POOL_BUF_SIZE);
@@ -1374,7 +1373,7 @@ build_cipher_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 
 static inline int
 build_sec_fd(struct rte_crypto_op *op,
-	     struct qbman_fd *fd, uint16_t bpid)
+	     struct qbman_fd *fd, uint16_t bpid, struct dpaa2_sec_qp *qp)
 {
 	int ret = -1;
 	dpaa2_sec_session *sess;
@@ -1387,11 +1386,15 @@ build_sec_fd(struct rte_crypto_op *op,
 		sess = (dpaa2_sec_session *)get_sec_session_private_data(
 				op->sym->sec_session);
 #endif
-	else
+	else {
+		DPAA2_SEC_DP_ERR("Session type invalid\n");
 		return -ENOTSUP;
+	}
 
-	if (!sess)
+	if (!sess) {
+		DPAA2_SEC_DP_ERR("Session not available\n");
 		return -EINVAL;
+	}
 
 	/* Any of the buffer is segmented*/
 	if (!rte_pktmbuf_is_contiguous(op->sym->m_src) ||
@@ -1423,23 +1426,23 @@ build_sec_fd(struct rte_crypto_op *op,
 	} else {
 		switch (sess->ctxt_type) {
 		case DPAA2_SEC_CIPHER:
-			ret = build_cipher_fd(sess, op, fd, bpid);
+			ret = build_cipher_fd(sess, op, fd, bpid, qp);
 			break;
 		case DPAA2_SEC_AUTH:
-			ret = build_auth_fd(sess, op, fd, bpid);
+			ret = build_auth_fd(sess, op, fd, bpid, qp);
 			break;
 		case DPAA2_SEC_AEAD:
-			ret = build_authenc_gcm_fd(sess, op, fd, bpid);
+			ret = build_authenc_gcm_fd(sess, op, fd, bpid, qp);
 			break;
 		case DPAA2_SEC_CIPHER_HASH:
-			ret = build_authenc_fd(sess, op, fd, bpid);
+			ret = build_authenc_fd(sess, op, fd, bpid, qp);
 			break;
 #ifdef RTE_LIB_SECURITY
 		case DPAA2_SEC_IPSEC:
-			ret = build_proto_fd(sess, op, fd, bpid);
+			ret = build_proto_fd(sess, op, fd, bpid, qp);
 			break;
 		case DPAA2_SEC_PDCP:
-			ret = build_proto_compound_fd(sess, op, fd, bpid);
+			ret = build_proto_compound_fd(sess, op, fd, bpid, qp);
 			break;
 #endif
 		case DPAA2_SEC_HASH_CIPHER:
@@ -1513,10 +1516,9 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 			memset(&fd_arr[loop], 0, sizeof(struct qbman_fd));
 			mb_pool = (*ops)->sym->m_src->pool;
 			bpid = mempool_to_bpid(mb_pool);
-			ret = build_sec_fd(*ops, &fd_arr[loop], bpid);
+			ret = build_sec_fd(*ops, &fd_arr[loop], bpid, dpaa2_qp);
 			if (ret) {
-				DPAA2_SEC_ERR("error: Improper packet contents"
-					      " for crypto operation");
+				DPAA2_SEC_DP_DEBUG("FD build failed\n");
 				goto skip_tx;
 			}
 			ops++;
@@ -1537,7 +1539,8 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
 					/* freeing the fle buffers */
 					while (loop < frames_to_send) {
-						free_fle(&fd_arr[loop]);
+						free_fle(&fd_arr[loop],
+								dpaa2_qp);
 						loop++;
 					}
 					goto skip_tx;
@@ -1593,11 +1596,10 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 #endif
 
 static inline struct rte_crypto_op *
-sec_fd_to_mbuf(const struct qbman_fd *fd)
+sec_fd_to_mbuf(const struct qbman_fd *fd, struct dpaa2_sec_qp *qp)
 {
 	struct qbman_fle *fle;
 	struct rte_crypto_op *op;
-	struct ctxt_priv *priv;
 	struct rte_mbuf *dst, *src;
 
 #ifdef RTE_LIB_SECURITY
@@ -1651,8 +1653,7 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 
 	/* free the fle memory */
 	if (likely(rte_pktmbuf_is_contiguous(src))) {
-		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
-		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
+		rte_mempool_put(qp->fle_pool, (void *)(fle-1));
 	} else
 		rte_free((void *)(fle-1));
 
@@ -1737,14 +1738,17 @@ dpaa2_sec_dump(struct rte_crypto_op *op)
 }
 
 static void
-dpaa2_sec_free_eqresp_buf(uint16_t eqresp_ci)
+dpaa2_sec_free_eqresp_buf(uint16_t eqresp_ci,
+			  struct dpaa2_queue *dpaa2_q)
 {
 	struct dpaa2_dpio_dev *dpio_dev = DPAA2_PER_LCORE_DPIO;
 	struct rte_crypto_op *op;
 	struct qbman_fd *fd;
+	struct dpaa2_sec_qp *dpaa2_qp;
 
+	dpaa2_qp = container_of(dpaa2_q, struct dpaa2_sec_qp, tx_vq);
 	fd = qbman_result_eqresp_fd(&dpio_dev->eqresp[eqresp_ci]);
-	op = sec_fd_to_mbuf(fd);
+	op = sec_fd_to_mbuf(fd, dpaa2_qp);
 	/* Instead of freeing, enqueue it to the sec tx queue (sec->core)
 	 * after setting an error in FD. But this will have performance impact.
 	 */
@@ -1860,10 +1864,9 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 			memset(&fd_arr[loop], 0, sizeof(struct qbman_fd));
 			mb_pool = (*ops)->sym->m_src->pool;
 			bpid = mempool_to_bpid(mb_pool);
-			ret = build_sec_fd(*ops, &fd_arr[loop], bpid);
+			ret = build_sec_fd(*ops, &fd_arr[loop], bpid, dpaa2_qp);
 			if (ret) {
-				DPAA2_SEC_ERR("error: Improper packet contents"
-					      " for crypto operation");
+				DPAA2_SEC_DP_DEBUG("FD build failed\n");
 				goto skip_tx;
 			}
 			ops++;
@@ -1883,7 +1886,8 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
 					/* freeing the fle buffers */
 					while (loop < frames_to_send) {
-						free_fle(&fd_arr[loop]);
+						free_fle(&fd_arr[loop],
+								dpaa2_qp);
 						loop++;
 					}
 					goto skip_tx;
@@ -1981,7 +1985,7 @@ dpaa2_sec_dequeue_burst(void *qp, struct rte_crypto_op **ops,
 		}
 
 		fd = qbman_result_DQ_fd(dq_storage);
-		ops[num_rx] = sec_fd_to_mbuf(fd);
+		ops[num_rx] = sec_fd_to_mbuf(fd, dpaa2_qp);
 
 		if (unlikely(fd->simple.frc)) {
 			/* TODO Parse SEC errors */
@@ -2023,6 +2027,7 @@ dpaa2_sec_queue_pair_release(struct rte_cryptodev *dev, uint16_t queue_pair_id)
 		dpaa2_free_dq_storage(qp->rx_vq.q_storage);
 		rte_free(qp->rx_vq.q_storage);
 	}
+	rte_mempool_free(qp->fle_pool);
 	rte_free(qp);
 
 	dev->data->queue_pairs[queue_pair_id] = NULL;
@@ -2033,7 +2038,7 @@ dpaa2_sec_queue_pair_release(struct rte_cryptodev *dev, uint16_t queue_pair_id)
 /** Setup a queue pair */
 static int
 dpaa2_sec_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
-		__rte_unused const struct rte_cryptodev_qp_conf *qp_conf,
+		const struct rte_cryptodev_qp_conf *qp_conf,
 		__rte_unused int socket_id)
 {
 	struct dpaa2_sec_dev_private *priv = dev->data->dev_private;
@@ -2041,6 +2046,7 @@ dpaa2_sec_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 	struct fsl_mc_io *dpseci = (struct fsl_mc_io *)priv->hw;
 	struct dpseci_rx_queue_cfg cfg;
 	int32_t retcode;
+	char str[30];
 
 	PMD_INIT_FUNC_TRACE();
 
@@ -2080,6 +2086,19 @@ dpaa2_sec_queue_pair_setup(struct rte_cryptodev *dev, uint16_t qp_id,
 
 	dev->data->queue_pairs[qp_id] = qp;
 
+	snprintf(str, sizeof(str), "sec_fle_pool_p%d_%d_%d",
+			getpid(), dev->data->dev_id, qp_id);
+	qp->fle_pool = rte_mempool_create((const char *)str,
+			qp_conf->nb_descriptors,
+			FLE_POOL_BUF_SIZE,
+			FLE_POOL_CACHE_SIZE, 0,
+			NULL, NULL, NULL, NULL,
+			SOCKET_ID_ANY, MEMPOOL_F_SP_PUT | MEMPOOL_F_SC_GET);
+	if (!qp->fle_pool) {
+		DPAA2_SEC_ERR("Mempool (%s) creation failed", str);
+		return -ENOMEM;
+	}
+
 	cfg.options = cfg.options | DPSECI_QUEUE_OPT_USER_CTX;
 	cfg.user_ctx = (size_t)(&qp->rx_vq);
 	retcode = dpseci_set_rx_queue(dpseci, CMD_PRI_LOW, priv->token,
@@ -2097,11 +2116,9 @@ dpaa2_sec_sym_session_get_size(struct rte_cryptodev *dev __rte_unused)
 }
 
 static int
-dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
-		      struct rte_crypto_sym_xform *xform,
+dpaa2_sec_cipher_init(struct rte_crypto_sym_xform *xform,
 		      dpaa2_sec_session *session)
 {
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo cipherdata;
 	int bufsize, ret = 0;
 	struct ctxt_priv *priv;
@@ -2118,8 +2135,6 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
-
 	flc = &priv->flc_desc[0].flc;
 
 	session->ctxt_type = DPAA2_SEC_CIPHER;
@@ -2238,11 +2253,9 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 }
 
 static int
-dpaa2_sec_auth_init(struct rte_cryptodev *dev,
-		    struct rte_crypto_sym_xform *xform,
+dpaa2_sec_auth_init(struct rte_crypto_sym_xform *xform,
 		    dpaa2_sec_session *session)
 {
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo authdata;
 	int bufsize, ret = 0;
 	struct ctxt_priv *priv;
@@ -2260,7 +2273,6 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[DESC_INITFINAL].flc;
 
 	session->ctxt_type = DPAA2_SEC_AUTH;
@@ -2476,12 +2488,10 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev,
 }
 
 static int
-dpaa2_sec_aead_init(struct rte_cryptodev *dev,
-		    struct rte_crypto_sym_xform *xform,
+dpaa2_sec_aead_init(struct rte_crypto_sym_xform *xform,
 		    dpaa2_sec_session *session)
 {
 	struct dpaa2_sec_aead_ctxt *ctxt = &session->ext_params.aead_ctxt;
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo aeaddata;
 	int bufsize;
 	struct ctxt_priv *priv;
@@ -2505,7 +2515,6 @@ dpaa2_sec_aead_init(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[0].flc;
 
 	session->aead_key.data = rte_zmalloc(NULL, aead_xform->key.length,
@@ -2601,11 +2610,9 @@ dpaa2_sec_aead_init(struct rte_cryptodev *dev,
 
 
 static int
-dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev,
-		    struct rte_crypto_sym_xform *xform,
+dpaa2_sec_aead_chain_init(struct rte_crypto_sym_xform *xform,
 		    dpaa2_sec_session *session)
 {
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo authdata, cipherdata;
 	int bufsize;
 	struct ctxt_priv *priv;
@@ -2643,7 +2650,6 @@ dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[0].flc;
 
 	session->cipher_key.data = rte_zmalloc(NULL, cipher_xform->key.length,
@@ -2849,8 +2855,7 @@ dpaa2_sec_aead_chain_init(struct rte_cryptodev *dev,
 }
 
 static int
-dpaa2_sec_set_session_parameters(struct rte_cryptodev *dev,
-			    struct rte_crypto_sym_xform *xform,	void *sess)
+dpaa2_sec_set_session_parameters(struct rte_crypto_sym_xform *xform, void *sess)
 {
 	dpaa2_sec_session *session = sess;
 	int ret;
@@ -2868,37 +2873,37 @@ dpaa2_sec_set_session_parameters(struct rte_cryptodev *dev,
 
 	/* Cipher Only */
 	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
-		ret = dpaa2_sec_cipher_init(dev, xform, session);
+		ret = dpaa2_sec_cipher_init(xform, session);
 
 	/* Authentication Only */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
 		   xform->next == NULL) {
-		ret = dpaa2_sec_auth_init(dev, xform, session);
+		ret = dpaa2_sec_auth_init(xform, session);
 
 	/* Cipher then Authenticate */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
 		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
 		session->ext_params.aead_ctxt.auth_cipher_text = true;
 		if (xform->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
-			ret = dpaa2_sec_auth_init(dev, xform, session);
+			ret = dpaa2_sec_auth_init(xform, session);
 		else if (xform->next->auth.algo == RTE_CRYPTO_AUTH_NULL)
-			ret = dpaa2_sec_cipher_init(dev, xform, session);
+			ret = dpaa2_sec_cipher_init(xform, session);
 		else
-			ret = dpaa2_sec_aead_chain_init(dev, xform, session);
+			ret = dpaa2_sec_aead_chain_init(xform, session);
 	/* Authenticate then Cipher */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
 		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
 		session->ext_params.aead_ctxt.auth_cipher_text = false;
 		if (xform->auth.algo == RTE_CRYPTO_AUTH_NULL)
-			ret = dpaa2_sec_cipher_init(dev, xform, session);
+			ret = dpaa2_sec_cipher_init(xform, session);
 		else if (xform->next->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
-			ret = dpaa2_sec_auth_init(dev, xform, session);
+			ret = dpaa2_sec_auth_init(xform, session);
 		else
-			ret = dpaa2_sec_aead_chain_init(dev, xform, session);
+			ret = dpaa2_sec_aead_chain_init(xform, session);
 	/* AEAD operation for AES-GCM kind of Algorithms */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
 		   xform->next == NULL) {
-		ret = dpaa2_sec_aead_init(dev, xform, session);
+		ret = dpaa2_sec_aead_init(xform, session);
 
 	} else {
 		DPAA2_SEC_ERR("Invalid crypto type");
@@ -3147,7 +3152,6 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 	struct alginfo authdata, cipherdata;
 	int bufsize;
 	struct sec_flow_context *flc;
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	int ret = -1;
 
 	PMD_INIT_FUNC_TRACE();
@@ -3162,7 +3166,6 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[0].flc;
 
 	if (ipsec_xform->life.bytes_hard_limit != 0 ||
@@ -3395,7 +3398,6 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
 	struct ctxt_priv *priv;
-	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
 	struct alginfo authdata, cipherdata;
 	struct alginfo *p_authdata = NULL;
 	int bufsize = -1;
@@ -3420,7 +3422,6 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[0].flc;
 
 	/* find xfrm types */
@@ -3758,7 +3759,7 @@ dpaa2_sec_sym_session_configure(struct rte_cryptodev *dev,
 		return -ENOMEM;
 	}
 
-	ret = dpaa2_sec_set_session_parameters(dev, xform, sess_private_data);
+	ret = dpaa2_sec_set_session_parameters(xform, sess_private_data);
 	if (ret != 0) {
 		DPAA2_SEC_ERR("Failed to configure session parameters");
 		/* Return session to mempool */
@@ -3989,6 +3990,7 @@ dpaa2_sec_process_parallel_event(struct qbman_swp *swp,
 				 struct dpaa2_queue *rxq,
 				 struct rte_event *ev)
 {
+	struct dpaa2_sec_qp *qp;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size));
@@ -3996,6 +3998,7 @@ dpaa2_sec_process_parallel_event(struct qbman_swp *swp,
 	/* Prefetching ipsec crypto_op stored in priv data of mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-64));
 
+	qp = container_of(rxq, struct dpaa2_sec_qp, rx_vq);
 	ev->flow_id = rxq->ev.flow_id;
 	ev->sub_event_type = rxq->ev.sub_event_type;
 	ev->event_type = RTE_EVENT_TYPE_CRYPTODEV;
@@ -4003,7 +4006,7 @@ dpaa2_sec_process_parallel_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd);
+	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
 
 	qbman_swp_dqrr_consume(swp, dq);
 }
@@ -4015,6 +4018,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 				 struct rte_event *ev)
 {
 	uint8_t dqrr_index;
+	struct dpaa2_sec_qp *qp;
 	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
@@ -4023,6 +4027,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	/* Prefetching ipsec crypto_op stored in priv data of mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-64));
 
+	qp = container_of(rxq, struct dpaa2_sec_qp, rx_vq);
 	ev->flow_id = rxq->ev.flow_id;
 	ev->sub_event_type = rxq->ev.sub_event_type;
 	ev->event_type = RTE_EVENT_TYPE_CRYPTODEV;
@@ -4031,7 +4036,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
 
-	ev->event_ptr = sec_fd_to_mbuf(fd);
+	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
 	dqrr_index = qbman_get_dqrr_idx(dq);
 	*dpaa2_seqn(crypto_op->sym->m_src) = QBMAN_ENQUEUE_FLAG_DCA | dqrr_index;
 	DPAA2_PER_LCORE_DQRR_SIZE++;
@@ -4047,6 +4052,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 				struct rte_event *ev)
 {
 	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct dpaa2_sec_qp *qp;
 
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
@@ -4055,6 +4061,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	/* Prefetching ipsec crypto_op stored in priv data of mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-64));
 
+	qp = container_of(rxq, struct dpaa2_sec_qp, rx_vq);
 	ev->flow_id = rxq->ev.flow_id;
 	ev->sub_event_type = rxq->ev.sub_event_type;
 	ev->event_type = RTE_EVENT_TYPE_CRYPTODEV;
@@ -4062,7 +4069,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd);
+	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
 
 	*dpaa2_seqn(crypto_op->sym->m_src) = DPAA2_ENQUEUE_FLAG_ORP;
 	*dpaa2_seqn(crypto_op->sym->m_src) |= qbman_result_DQ_odpid(dq) <<
@@ -4236,7 +4243,6 @@ dpaa2_sec_uninit(const struct rte_cryptodev *dev)
 	priv->hw = NULL;
 	rte_free(dpseci);
 	rte_free(dev->security_ctx);
-	rte_mempool_free(priv->fle_pool);
 
 	DPAA2_SEC_INFO("Closing DPAA2_SEC device %s on numa socket %u",
 		       dev->data->name, rte_socket_id());
@@ -4304,7 +4310,6 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
 	uint16_t token;
 	struct dpseci_attr attr;
 	int retcode, hw_id;
-	char str[30];
 
 	PMD_INIT_FUNC_TRACE();
 	dpaa2_dev = container_of(dev, struct rte_dpaa2_device, device);
@@ -4380,19 +4385,6 @@ dpaa2_sec_dev_init(struct rte_cryptodev *cryptodev)
 	internals->token = token;
 	internals->en_loose_ordered = true;
 
-	snprintf(str, sizeof(str), "sec_fle_pool_p%d_%d",
-			getpid(), cryptodev->data->dev_id);
-	internals->fle_pool = rte_mempool_create((const char *)str,
-			FLE_POOL_NUM_BUFS,
-			FLE_POOL_BUF_SIZE,
-			FLE_POOL_CACHE_SIZE, 0,
-			NULL, NULL, NULL, NULL,
-			SOCKET_ID_ANY, 0);
-	if (!internals->fle_pool) {
-		DPAA2_SEC_ERR("Mempool (%s) creation failed", str);
-		goto init_error;
-	}
-
 	dpaa2_sec_get_devargs(cryptodev, DRIVER_DUMP_MODE);
 	dpaa2_sec_get_devargs(cryptodev, DRIVER_STRICT_ORDER);
 	DPAA2_SEC_INFO("driver %s: created", cryptodev->data->name);
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
index 3094778a7a..63f4c64aab 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016,2020-2021 NXP
+ *   Copyright 2016,2020-2022 NXP
  *
  */
 
@@ -31,7 +31,6 @@ extern uint8_t cryptodev_driver_id;
 struct dpaa2_sec_dev_private {
 	void *mc_portal; /**< MC Portal for configuring this device */
 	void *hw; /**< Hardware handle for this device.Used by NADK framework */
-	struct rte_mempool *fle_pool; /* per device memory pool for FLE */
 	int32_t hw_id; /**< An unique ID of this device instance */
 	int32_t vfio_fd; /**< File descriptor received via VFIO */
 	uint16_t token; /**< Token required by DPxxx objects */
@@ -44,6 +43,7 @@ struct dpaa2_sec_dev_private {
 struct dpaa2_sec_qp {
 	struct dpaa2_queue rx_vq;
 	struct dpaa2_queue tx_vq;
+	struct rte_mempool *fle_pool; /* per device memory pool for FLE */
 };
 
 enum shr_desc_type {
@@ -127,7 +127,6 @@ struct sec_flc_desc {
 };
 
 struct ctxt_priv {
-	struct rte_mempool *fle_pool; /* per device memory pool for FLE */
 	struct sec_flc_desc flc_desc[0];
 };
 
diff --git a/drivers/net/dpaa2/dpaa2_ethdev.h b/drivers/net/dpaa2/dpaa2_ethdev.h
index e79a7fc2e2..a459181139 100644
--- a/drivers/net/dpaa2/dpaa2_ethdev.h
+++ b/drivers/net/dpaa2/dpaa2_ethdev.h
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2015-2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2021 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 
@@ -264,7 +264,7 @@ __rte_internal
 uint16_t dpaa2_dev_tx_multi_txq_ordered(void **queue,
 		struct rte_mbuf **bufs, uint16_t nb_pkts);
 
-void dpaa2_dev_free_eqresp_buf(uint16_t eqresp_ci);
+void dpaa2_dev_free_eqresp_buf(uint16_t eqresp_ci, struct dpaa2_queue *dpaa2_q);
 void dpaa2_flow_clean(struct rte_eth_dev *dev);
 uint16_t dpaa2_dev_tx_conf(void *queue)  __rte_unused;
 int dpaa2_dev_is_dpaa2(struct rte_eth_dev *dev);
diff --git a/drivers/net/dpaa2/dpaa2_rxtx.c b/drivers/net/dpaa2/dpaa2_rxtx.c
index b8844fbdf1..39bfddd804 100644
--- a/drivers/net/dpaa2/dpaa2_rxtx.c
+++ b/drivers/net/dpaa2/dpaa2_rxtx.c
@@ -1408,7 +1408,8 @@ dpaa2_dev_tx(void *queue, struct rte_mbuf **bufs, uint16_t nb_pkts)
 }
 
 void
-dpaa2_dev_free_eqresp_buf(uint16_t eqresp_ci)
+dpaa2_dev_free_eqresp_buf(uint16_t eqresp_ci,
+			  __rte_unused struct dpaa2_queue *dpaa2_q)
 {
 	struct dpaa2_dpio_dev *dpio_dev = DPAA2_PER_LCORE_DPIO;
 	struct qbman_fd *fd;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 10/14] crypto/dpaa2_sec: fix crypto op pointer value
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (8 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 09/14] crypto/dpaa2_sec: per queue pair fle pool Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 11/14] crypto/dpaa2_sec: fix operation status for simple FD Gagandeep Singh
                     ` (4 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver is filling the crypto_op variable with an invalid value
for atomic and ordered events which can results into
segmentation fault.

This patch assigning the correct crypto_op and event buffer
pointers by extracting from FD.

Fixes: a77db24643b7 ("crypto/dpaa2_sec: support atomic queues")
Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 86c8df241b..9f2b384af9 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -4019,7 +4019,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 {
 	uint8_t dqrr_index;
 	struct dpaa2_sec_qp *qp;
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size));
@@ -4036,12 +4036,13 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
 
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 	dqrr_index = qbman_get_dqrr_idx(dq);
 	*dpaa2_seqn(crypto_op->sym->m_src) = QBMAN_ENQUEUE_FLAG_DCA | dqrr_index;
 	DPAA2_PER_LCORE_DQRR_SIZE++;
 	DPAA2_PER_LCORE_DQRR_HELD |= 1 << dqrr_index;
 	DPAA2_PER_LCORE_DQRR_MBUF(dqrr_index) = crypto_op->sym->m_src;
+	ev->event_ptr = crypto_op;
 }
 
 static void __rte_hot
@@ -4051,7 +4052,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 				struct dpaa2_queue *rxq,
 				struct rte_event *ev)
 {
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	struct dpaa2_sec_qp *qp;
 
 	/* Prefetching mbuf */
@@ -4069,7 +4070,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 
 	*dpaa2_seqn(crypto_op->sym->m_src) = DPAA2_ENQUEUE_FLAG_ORP;
 	*dpaa2_seqn(crypto_op->sym->m_src) |= qbman_result_DQ_odpid(dq) <<
@@ -4078,6 +4079,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 		DPAA2_EQCR_SEQNUM_SHIFT;
 
 	qbman_swp_dqrr_consume(swp, dq);
+	ev->event_ptr = crypto_op;
 }
 
 int
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 11/14] crypto/dpaa2_sec: fix operation status for simple FD
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (9 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 10/14] crypto/dpaa2_sec: fix crypto op pointer value Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 12/14] bus/dpaa: remove unused thread specific variables Gagandeep Singh
                     ` (3 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver is not filling the operation status on dequeue
in case the FD is simple.

So setting the status as per the results.

Fixes: 0a23d4b6f4c2 ("crypto/dpaa2_sec: support protocol offload IPsec")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 9f2b384af9..8444f1a795 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1591,6 +1591,14 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	else
 		mbuf->data_off += SEC_FLC_DHR_INBOUND;
 
+	if (unlikely(fd->simple.frc)) {
+		DPAA2_SEC_ERR("SEC returned Error - %x",
+				fd->simple.frc);
+		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	} else {
+		op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+	}
+
 	return op;
 }
 #endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 12/14] bus/dpaa: remove unused thread specific variables
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (10 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 11/14] crypto/dpaa2_sec: fix operation status for simple FD Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 13/14] crypto/dpaa_sec: move cdb prepration to session create Gagandeep Singh
                     ` (2 subsequent siblings)
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

There are some crypto driver related thread specific
variables which are no longer used, so removing them.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/bus/dpaa/rte_dpaa_bus.h    | 8 +-------
 drivers/crypto/dpaa_sec/dpaa_sec.c | 4 ----
 2 files changed, 1 insertion(+), 11 deletions(-)

diff --git a/drivers/bus/dpaa/rte_dpaa_bus.h b/drivers/bus/dpaa/rte_dpaa_bus.h
index 54bb1436fd..1f04d9ebd3 100644
--- a/drivers/bus/dpaa/rte_dpaa_bus.h
+++ b/drivers/bus/dpaa/rte_dpaa_bus.h
@@ -1,6 +1,6 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
- *   Copyright 2017-2020 NXP
+ *   Copyright 2017-2022 NXP
  *
  */
 #ifndef __RTE_DPAA_BUS_H__
@@ -138,8 +138,6 @@ struct dpaa_portal {
 	uint32_t bman_idx; /**< BMAN Portal ID*/
 	uint32_t qman_idx; /**< QMAN Portal ID*/
 	struct dpaa_portal_dqrr dpaa_held_bufs;
-	struct rte_crypto_op **dpaa_sec_ops;
-	int dpaa_sec_op_nb;
 	uint64_t tid;/**< Parent Thread id for this portal */
 };
 
@@ -153,10 +151,6 @@ RTE_DECLARE_PER_LCORE(struct dpaa_portal *, dpaa_io);
 	RTE_PER_LCORE(dpaa_io)->dpaa_held_bufs.dqrr_held
 #define DPAA_PER_LCORE_DQRR_MBUF(i) \
 	RTE_PER_LCORE(dpaa_io)->dpaa_held_bufs.mbuf[i]
-#define DPAA_PER_LCORE_RTE_CRYPTO_OP \
-	RTE_PER_LCORE(dpaa_io)->dpaa_sec_ops
-#define DPAA_PER_LCORE_DPAA_SEC_OP_NB \
-	RTE_PER_LCORE(dpaa_io)->dpaa_sec_op_nb
 
 /* Various structures representing contiguous memory maps */
 struct dpaa_memseg {
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 6f2b4baf57..875df0bfc6 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -152,9 +152,6 @@ dqrr_out_fq_cb_rx(struct qman_portal *qm __always_unused,
 	struct dpaa_sec_job *job;
 	struct dpaa_sec_op_ctx *ctx;
 
-	if (DPAA_PER_LCORE_DPAA_SEC_OP_NB >= DPAA_SEC_BURST)
-		return qman_cb_dqrr_defer;
-
 	if (!(dqrr->stat & QM_DQRR_STAT_FD_VALID))
 		return qman_cb_dqrr_consume;
 
@@ -183,7 +180,6 @@ dqrr_out_fq_cb_rx(struct qman_portal *qm __always_unused,
 		}
 		mbuf->data_len = len;
 	}
-	DPAA_PER_LCORE_RTE_CRYPTO_OP[DPAA_PER_LCORE_DPAA_SEC_OP_NB++] = ctx->op;
 	dpaa_sec_op_ending(ctx);
 
 	return qman_cb_dqrr_consume;
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 13/14] crypto/dpaa_sec: move cdb prepration to session create
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (11 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 12/14] bus/dpaa: remove unused thread specific variables Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
  2022-04-29  9:29   ` [EXT] [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Akhil Goyal
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh

Driver is preparing the shared descriptor of session while
attaching the session to a queue pair.
It should be prepared on session create.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 875df0bfc6..05415dbf3b 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2548,11 +2548,6 @@ dpaa_sec_attach_sess_q(struct dpaa_sec_qp *qp, dpaa_sec_session *sess)
 	int ret;
 
 	sess->qp[rte_lcore_id() % MAX_DPAA_CORES] = qp;
-	ret = dpaa_sec_prep_cdb(sess);
-	if (ret) {
-		DPAA_SEC_ERR("Unable to prepare sec cdb");
-		return ret;
-	}
 	if (unlikely(!DPAA_PER_LCORE_PORTAL)) {
 		ret = rte_dpaa_portal_init((void *)0);
 		if (ret) {
@@ -2706,6 +2701,11 @@ dpaa_sec_sym_session_configure(struct rte_cryptodev *dev,
 	set_sym_session_private_data(sess, dev->driver_id,
 			sess_private_data);
 
+	ret = dpaa_sec_prep_cdb(sess_private_data);
+	if (ret) {
+		DPAA_SEC_ERR("Unable to prepare sec cdb");
+		return ret;
+	}
 
 	return 0;
 }
@@ -3304,6 +3304,12 @@ dpaa_sec_security_session_create(void *dev,
 
 	set_sec_session_private_data(sess, sess_private_data);
 
+	ret = dpaa_sec_prep_cdb(sess_private_data);
+	if (ret) {
+		DPAA_SEC_ERR("Unable to prepare sec cdb");
+		return ret;
+	}
+
 	return ret;
 }
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH v2 14/14] common/dpaax: fix short MAC-I IV calculation for zuc
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (12 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 13/14] crypto/dpaa_sec: move cdb prepration to session create Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-29  9:29   ` [EXT] [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Akhil Goyal
  14 siblings, 0 replies; 33+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Fixing the IV caluclation for zuc based short MAC-I
as per the HW security engine guidelines.

Fixes: 73a24060cd70 ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/pdcp.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h
index 46153b9c29..289ee2a7d5 100644
--- a/drivers/common/dpaax/caamflib/desc/pdcp.h
+++ b/drivers/common/dpaax/caamflib/desc/pdcp.h
@@ -3066,7 +3066,7 @@ cnstr_shdsc_pdcp_short_mac(uint32_t *descbuf,
 
 	case PDCP_AUTH_TYPE_ZUC:
 		iv[0] = 0xFFFFFFFF;
-		iv[1] = swap ? swab32(0xFC000000) : 0xFC000000;
+		iv[1] = swab32(0xFC000000);
 		iv[2] = 0x00000000; /* unused */
 
 		KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
-- 
2.25.1


^ permalink raw reply	[flat|nested] 33+ messages in thread

* RE: [EXT] [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes
  2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
                     ` (13 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
@ 2022-04-29  9:29   ` Akhil Goyal
  14 siblings, 0 replies; 33+ messages in thread
From: Akhil Goyal @ 2022-04-29  9:29 UTC (permalink / raw)
  To: Gagandeep Singh, dev

> Change-log:
> Fixed git log issues.
> 
> Gagandeep Singh (13):
>   crypto/dpaa2_sec: fix fle buffer leak
>   crypto/dpaa2_sec: fix buffer pool ID check
>   crypto/dpaa_sec: fix length for chain FD in raw sec driver
>   crypto/dpaa2_sec: fix length for chain FD in raw sec driver
>   crypto/dpaa_sec: physically enable QI
>   crypto/dpaa_sec: replace use of old build macros
>   common/dpaax: remove obsolete code
>   crypto/dpaa2_sec: per queue pair fle pool
>   crypto/dpaa2_sec: fix crypto op pointer value
>   crypto/dpaa2_sec: fix operation status for simple FD
>   bus/dpaa: remove unused thread specific variables
>   crypto/dpaa_sec: move cdb prepration to session create
>   common/dpaax: fix short MAC-I IV calculation for zuc
> 
> Vanshika Shukla (1):
>   crypto/dpaa_sec: fix secondary process probe
> 
>  drivers/bus/dpaa/rte_dpaa_bus.h               |   8 +-
>  drivers/bus/fslmc/portal/dpaa2_hw_dpio.c      |   4 +-
>  drivers/bus/fslmc/portal/dpaa2_hw_pvt.h       |   3 +-
>  drivers/common/dpaax/caamflib/desc/ipsec.h    |  34 +--
>  drivers/common/dpaax/caamflib/desc/pdcp.h     |   2 +-
>  .../dpaax/caamflib/rta/fifo_load_store_cmd.h  |  15 --
>  .../common/dpaax/caamflib/rta/header_cmd.h    |  15 +-
>  drivers/common/dpaax/caamflib/rta/jump_cmd.h  |  16 --
>  drivers/common/dpaax/caamflib/rta/key_cmd.h   |  12 -
>  drivers/common/dpaax/caamflib/rta/math_cmd.h  |  29 ---
>  drivers/common/dpaax/caamflib/rta/move_cmd.h  |  39 +--
>  drivers/common/dpaax/caamflib/rta/nfifo_cmd.h |   6 -
>  .../common/dpaax/caamflib/rta/operation_cmd.h |  20 --
>  .../common/dpaax/caamflib/rta/protocol_cmd.h  |  29 ---
>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c   | 232 ++++++++++--------
>  drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h     |   5 +-
>  drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c   |  10 +-
>  drivers/crypto/dpaa_sec/dpaa_sec.c            |  74 ++++--
>  drivers/crypto/dpaa_sec/dpaa_sec.h            |   6 +
>  drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c     |  14 +-
>  drivers/net/dpaa2/dpaa2_ethdev.h              |   4 +-
>  drivers/net/dpaa2/dpaa2_rxtx.c                |   3 +-
>  22 files changed, 233 insertions(+), 347 deletions(-)

Series Acked-by: Akhil Goyal <gakhil@marvell.com>

Applied to dpdk-next-crypto

Thanks.

^ permalink raw reply	[flat|nested] 33+ messages in thread

end of thread, other threads:[~2022-04-29  9:29 UTC | newest]

Thread overview: 33+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
2022-04-22  3:50 ` [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
2022-04-22  3:50 ` [PATCH 03/14] crypto/dpaa_sec: fix length for chain fd in raw sec driver Gagandeep Singh
2022-04-22  3:50 ` [PATCH 04/14] crypto/dpaa2_sec: " Gagandeep Singh
2022-04-22  3:50 ` [PATCH 05/14] crypto/dpaa_sec: physically enable QI Gagandeep Singh
2022-04-22  3:50 ` [PATCH 06/14] crypto/dpaa_sec: replace use of old build macros Gagandeep Singh
2022-04-22  3:50 ` [PATCH 07/14] dpaax/caamflib: remove obsolete code Gagandeep Singh
2022-04-22  3:50 ` [PATCH 08/14] crypto/dpaa_sec : fix secondary process probe Gagandeep Singh
2022-04-22  3:50 ` [PATCH 09/14] crypto/dpaa2_sec: per queue pair fle pool Gagandeep Singh
2022-04-22  3:50 ` [PATCH 10/14] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues Gagandeep Singh
2022-04-22  3:50 ` [PATCH 11/14] crypto/dpaa2_sec: fix operation status for simple fd Gagandeep Singh
2022-04-22  3:50 ` [PATCH 12/14] crypto/dpaa_sec: remove unused thread specific variables Gagandeep Singh
2022-04-22  3:50 ` [PATCH 13/14] crypto/dpaa_sec: move cdb prepration to session create Gagandeep Singh
2022-04-22  3:51 ` [PATCH 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
2022-04-28  7:15 ` [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Akhil Goyal
2022-04-28  9:23   ` Gagandeep Singh
2022-04-28  9:29     ` Akhil Goyal
2022-04-28 11:47 ` [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 03/14] crypto/dpaa_sec: fix length for chain FD in raw sec driver Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 04/14] crypto/dpaa2_sec: " Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 05/14] crypto/dpaa_sec: physically enable QI Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 06/14] crypto/dpaa_sec: replace use of old build macros Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 07/14] common/dpaax: remove obsolete code Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 08/14] crypto/dpaa_sec: fix secondary process probe Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 09/14] crypto/dpaa2_sec: per queue pair fle pool Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 10/14] crypto/dpaa2_sec: fix crypto op pointer value Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 11/14] crypto/dpaa2_sec: fix operation status for simple FD Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 12/14] bus/dpaa: remove unused thread specific variables Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 13/14] crypto/dpaa_sec: move cdb prepration to session create Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
2022-04-29  9:29   ` [EXT] [PATCH v2 00/14] DPAA1 and DPAA2 crypto drivers changes Akhil Goyal

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).