* [PATCH v2 1/4] crypto/qat: make immutable parameters constant
2022-10-20 15:09 [PATCH v2 0/4] crypto/qat: extend asymmetric crypto pmd Arek Kusztal
@ 2022-10-20 15:09 ` Arek Kusztal
2022-10-20 21:55 ` Ji, Kai
2022-10-20 15:09 ` [PATCH v2 2/4] crypto/qat: improve freeing of asym cookies Arek Kusztal
` (3 subsequent siblings)
4 siblings, 1 reply; 10+ messages in thread
From: Arek Kusztal @ 2022-10-20 15:09 UTC (permalink / raw)
To: dev; +Cc: gakhil, kai.ji, Arek Kusztal
All pointers passed to functions that are not supposed
to have its data changed should be marked as constant.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/common/qat/qat_adf/qat_pke.h | 16 +++----
drivers/common/qat/qat_device.c | 2 +-
drivers/common/qat/qat_device.h | 4 +-
drivers/crypto/qat/qat_asym.c | 90 +++++++++++++++++-------------------
drivers/crypto/qat/qat_ec.h | 2 +-
5 files changed, 54 insertions(+), 60 deletions(-)
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
index 6c12bfd989..00e2b776dc 100644
--- a/drivers/common/qat/qat_adf/qat_pke.h
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -50,13 +50,13 @@ get_modexp_function2(uint32_t bytesize)
}
static struct qat_asym_function
-get_modexp_function(struct rte_crypto_asym_xform *xform)
+get_modexp_function(const struct rte_crypto_asym_xform *xform)
{
return get_modexp_function2(xform->modex.modulus.length);
}
static struct qat_asym_function
-get_modinv_function(struct rte_crypto_asym_xform *xform)
+get_modinv_function(const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function = { };
@@ -137,7 +137,7 @@ get_modinv_function(struct rte_crypto_asym_xform *xform)
}
static struct qat_asym_function
-get_rsa_enc_function(struct rte_crypto_asym_xform *xform)
+get_rsa_enc_function(const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function = { };
@@ -164,7 +164,7 @@ get_rsa_enc_function(struct rte_crypto_asym_xform *xform)
}
static struct qat_asym_function
-get_rsa_dec_function(struct rte_crypto_asym_xform *xform)
+get_rsa_dec_function(const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function = { };
@@ -191,7 +191,7 @@ get_rsa_dec_function(struct rte_crypto_asym_xform *xform)
}
static struct qat_asym_function
-get_rsa_crt_function(struct rte_crypto_asym_xform *xform)
+get_rsa_crt_function(const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function = { };
int nlen = xform->rsa.qt.p.length * 2;
@@ -219,7 +219,7 @@ get_rsa_crt_function(struct rte_crypto_asym_xform *xform)
}
static struct qat_asym_function
-get_ecdsa_verify_function(struct rte_crypto_asym_xform *xform)
+get_ecdsa_verify_function(const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
@@ -243,7 +243,7 @@ get_ecdsa_verify_function(struct rte_crypto_asym_xform *xform)
}
static struct qat_asym_function
-get_ecdsa_function(struct rte_crypto_asym_xform *xform)
+get_ecdsa_function(const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
@@ -267,7 +267,7 @@ get_ecdsa_function(struct rte_crypto_asym_xform *xform)
}
static struct qat_asym_function
-get_ecpm_function(struct rte_crypto_asym_xform *xform)
+get_ecpm_function(const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
diff --git a/drivers/common/qat/qat_device.c b/drivers/common/qat/qat_device.c
index 30e5cdb573..fcf08a70c4 100644
--- a/drivers/common/qat/qat_device.c
+++ b/drivers/common/qat/qat_device.c
@@ -453,7 +453,7 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev __rte_unused,
__rte_weak int
qat_asym_dev_create(struct qat_pci_device *qat_pci_dev __rte_unused,
- struct qat_dev_cmd_param *qat_dev_cmd_param __rte_unused)
+ const struct qat_dev_cmd_param *qat_dev_cmd_param __rte_unused)
{
return 0;
}
diff --git a/drivers/common/qat/qat_device.h b/drivers/common/qat/qat_device.h
index d1512f3b89..26055b875f 100644
--- a/drivers/common/qat/qat_device.h
+++ b/drivers/common/qat/qat_device.h
@@ -158,8 +158,8 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev __rte_unused,
struct qat_dev_cmd_param *qat_dev_cmd_param);
int
-qat_asym_dev_create(struct qat_pci_device *qat_pci_dev __rte_unused,
- struct qat_dev_cmd_param *qat_dev_cmd_param);
+qat_asym_dev_create(struct qat_pci_device *qat_pci_dev,
+ const struct qat_dev_cmd_param *qat_dev_cmd_param);
int
qat_sym_dev_destroy(struct qat_pci_device *qat_pci_dev __rte_unused);
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 05ca95319b..6a079424b9 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -129,7 +129,7 @@ cleanup_crt(struct qat_asym_op_cookie *cookie,
static void
cleanup(struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_xform *xform)
{
if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX)
cleanup_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS,
@@ -178,7 +178,7 @@ check_zero(rte_crypto_param n)
}
static struct qat_asym_function
-get_asym_function(struct rte_crypto_asym_xform *xform)
+get_asym_function(const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
@@ -198,10 +198,10 @@ get_asym_function(struct rte_crypto_asym_xform *xform)
}
static int
-modexp_set_input(struct rte_crypto_asym_op *asym_op,
- struct icp_qat_fw_pke_request *qat_req,
+modexp_set_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
uint32_t alg_bytesize, func_id, in_bytesize;
@@ -248,8 +248,8 @@ modexp_set_input(struct rte_crypto_asym_op *asym_op,
static uint8_t
modexp_collect(struct rte_crypto_asym_op *asym_op,
- struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct qat_asym_op_cookie *cookie,
+ const struct rte_crypto_asym_xform *xform)
{
rte_crypto_param n = xform->modex.modulus;
uint32_t alg_bytesize = cookie->alg_bytesize;
@@ -268,10 +268,10 @@ modexp_collect(struct rte_crypto_asym_op *asym_op,
}
static int
-modinv_set_input(struct rte_crypto_asym_op *asym_op,
- struct icp_qat_fw_pke_request *qat_req,
+modinv_set_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
uint32_t alg_bytesize, func_id;
@@ -308,8 +308,8 @@ modinv_set_input(struct rte_crypto_asym_op *asym_op,
static uint8_t
modinv_collect(struct rte_crypto_asym_op *asym_op,
- struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct qat_asym_op_cookie *cookie,
+ const struct rte_crypto_asym_xform *xform)
{
rte_crypto_param n = xform->modinv.modulus;
uint8_t *modinv_result = asym_op->modinv.result.data;
@@ -329,10 +329,10 @@ modinv_collect(struct rte_crypto_asym_op *asym_op,
}
static int
-rsa_set_pub_input(struct rte_crypto_asym_op *asym_op,
- struct icp_qat_fw_pke_request *qat_req,
+rsa_set_pub_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
uint32_t alg_bytesize, func_id;
@@ -385,10 +385,10 @@ rsa_set_pub_input(struct rte_crypto_asym_op *asym_op,
}
static int
-rsa_set_priv_input(struct rte_crypto_asym_op *asym_op,
- struct icp_qat_fw_pke_request *qat_req,
+rsa_set_priv_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
uint32_t alg_bytesize, func_id;
@@ -478,10 +478,10 @@ rsa_set_priv_input(struct rte_crypto_asym_op *asym_op,
}
static int
-rsa_set_input(struct rte_crypto_asym_op *asym_op,
- struct icp_qat_fw_pke_request *qat_req,
+rsa_set_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
{
qat_req->input_param_count =
QAT_ASYM_RSA_NUM_IN_PARAMS;
@@ -491,15 +491,15 @@ rsa_set_input(struct rte_crypto_asym_op *asym_op,
if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
asym_op->rsa.op_type ==
RTE_CRYPTO_ASYM_OP_VERIFY) {
- return rsa_set_pub_input(asym_op, qat_req, cookie, xform);
+ return rsa_set_pub_input(qat_req, cookie, asym_op, xform);
} else {
- return rsa_set_priv_input(asym_op, qat_req, cookie, xform);
+ return rsa_set_priv_input(qat_req, cookie, asym_op, xform);
}
}
static uint8_t
rsa_collect(struct rte_crypto_asym_op *asym_op,
- struct qat_asym_op_cookie *cookie)
+ const struct qat_asym_op_cookie *cookie)
{
uint32_t alg_bytesize = cookie->alg_bytesize;
@@ -559,10 +559,10 @@ rsa_collect(struct rte_crypto_asym_op *asym_op,
}
static int
-ecdsa_set_input(struct rte_crypto_asym_op *asym_op,
- struct icp_qat_fw_pke_request *qat_req,
+ecdsa_set_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
uint32_t qat_func_alignsize, func_id;
@@ -662,7 +662,7 @@ ecdsa_set_input(struct rte_crypto_asym_op *asym_op,
static uint8_t
ecdsa_collect(struct rte_crypto_asym_op *asym_op,
- struct qat_asym_op_cookie *cookie)
+ const struct qat_asym_op_cookie *cookie)
{
uint32_t alg_bytesize = cookie->alg_bytesize;
uint32_t qat_func_alignsize = cookie->qat_func_alignsize;
@@ -686,10 +686,10 @@ ecdsa_collect(struct rte_crypto_asym_op *asym_op,
}
static int
-ecpm_set_input(struct rte_crypto_asym_op *asym_op,
- struct icp_qat_fw_pke_request *qat_req,
+ecpm_set_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
{
struct qat_asym_function qat_function;
uint32_t qat_func_alignsize, func_id;
@@ -738,7 +738,7 @@ ecpm_set_input(struct rte_crypto_asym_op *asym_op,
static uint8_t
ecpm_collect(struct rte_crypto_asym_op *asym_op,
- struct qat_asym_op_cookie *cookie)
+ const struct qat_asym_op_cookie *cookie)
{
uint8_t *x = asym_op->ecpm.r.x.data;
uint8_t *y = asym_op->ecpm.r.y.data;
@@ -759,27 +759,22 @@ ecpm_collect(struct rte_crypto_asym_op *asym_op,
}
static int
-asym_set_input(struct rte_crypto_asym_op *asym_op,
- struct icp_qat_fw_pke_request *qat_req,
+asym_set_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
- struct rte_crypto_asym_xform *xform)
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
{
switch (xform->xform_type) {
case RTE_CRYPTO_ASYM_XFORM_MODEX:
- return modexp_set_input(asym_op, qat_req,
- cookie, xform);
+ return modexp_set_input(qat_req, cookie, asym_op, xform);
case RTE_CRYPTO_ASYM_XFORM_MODINV:
- return modinv_set_input(asym_op, qat_req,
- cookie, xform);
+ return modinv_set_input(qat_req, cookie, asym_op, xform);
case RTE_CRYPTO_ASYM_XFORM_RSA:
- return rsa_set_input(asym_op, qat_req,
- cookie, xform);
+ return rsa_set_input(qat_req, cookie, asym_op, xform);
case RTE_CRYPTO_ASYM_XFORM_ECDSA:
- return ecdsa_set_input(asym_op, qat_req,
- cookie, xform);
+ return ecdsa_set_input(qat_req, cookie, asym_op, xform);
case RTE_CRYPTO_ASYM_XFORM_ECPM:
- return ecpm_set_input(asym_op, qat_req,
- cookie, xform);
+ return ecpm_set_input(qat_req, cookie, asym_op, xform);
default:
QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
return -EINVAL;
@@ -824,8 +819,7 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
goto error;
}
- err = asym_set_input(asym_op, qat_req, cookie,
- xform);
+ err = asym_set_input(qat_req, cookie, asym_op, xform);
if (err) {
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
goto error;
@@ -1265,7 +1259,7 @@ qat_asym_init_op_cookie(void *op_cookie)
int
qat_asym_dev_create(struct qat_pci_device *qat_pci_dev,
- struct qat_dev_cmd_param *qat_dev_cmd_param)
+ const struct qat_dev_cmd_param *qat_dev_cmd_param)
{
struct qat_cryptodev_private *internals;
struct rte_cryptodev *cryptodev;
diff --git a/drivers/crypto/qat/qat_ec.h b/drivers/crypto/qat/qat_ec.h
index bbd0b31949..0e02722c18 100644
--- a/drivers/crypto/qat/qat_ec.h
+++ b/drivers/crypto/qat/qat_ec.h
@@ -264,7 +264,7 @@ static struct elliptic_curve curve[] = {
};
static int
-pick_curve(struct rte_crypto_asym_xform *xform)
+pick_curve(const struct rte_crypto_asym_xform *xform)
{
switch (xform->ec.curve_id) {
case RTE_CRYPTO_EC_GROUP_SECP256R1:
--
2.13.6
^ permalink raw reply [flat|nested] 10+ messages in thread* RE: [PATCH v2 1/4] crypto/qat: make immutable parameters constant
2022-10-20 15:09 ` [PATCH v2 1/4] crypto/qat: make immutable parameters constant Arek Kusztal
@ 2022-10-20 21:55 ` Ji, Kai
0 siblings, 0 replies; 10+ messages in thread
From: Ji, Kai @ 2022-10-20 21:55 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: gakhil
Acked-by: Kai Ji <kai.ji@intel.com>
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Thursday, October 20, 2022 4:10 PM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Ji, Kai <kai.ji@intel.com>; Kusztal, ArkadiuszX
> <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v2 1/4] crypto/qat: make immutable parameters constant
>
> All pointers passed to functions that are not supposed to have its data
> changed should be marked as constant.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v2 2/4] crypto/qat: improve freeing of asym cookies
2022-10-20 15:09 [PATCH v2 0/4] crypto/qat: extend asymmetric crypto pmd Arek Kusztal
2022-10-20 15:09 ` [PATCH v2 1/4] crypto/qat: make immutable parameters constant Arek Kusztal
@ 2022-10-20 15:09 ` Arek Kusztal
2022-10-20 21:57 ` Ji, Kai
2022-10-20 15:09 ` [PATCH v2 3/4] crypto/qat: add ecdh key exchange algorithm Arek Kusztal
` (2 subsequent siblings)
4 siblings, 1 reply; 10+ messages in thread
From: Arek Kusztal @ 2022-10-20 15:09 UTC (permalink / raw)
To: dev; +Cc: gakhil, kai.ji, Arek Kusztal
Improve the way that cookies are freed and cleared.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/qat/qat_asym.c | 73 ++++++++++++++++++++-----------------------
1 file changed, 34 insertions(+), 39 deletions(-)
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 6a079424b9..a77f7bfcd0 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -70,27 +70,33 @@ static const struct rte_driver cryptodev_qat_asym_driver = {
} while (0)
#define SET_PKE_LN(what, how, idx) \
- rte_memcpy(cookie->input_array[idx] + how - \
- what.length, \
- what.data, \
- what.length)
+ rte_memcpy(cookie->input_array[idx] + how - \
+ what.length, \
+ what.data, \
+ what.length)
#define SET_PKE_LN_EC(curve, p, idx) \
- rte_memcpy(cookie->input_array[idx] + \
- qat_func_alignsize - curve.bytesize, \
- curve.p.data, curve.bytesize)
+ rte_memcpy(cookie->input_array[idx] + \
+ qat_func_alignsize - curve.bytesize, \
+ curve.p.data, curve.bytesize)
#define SET_PKE_9A_IN(what, idx) \
- rte_memcpy(&cookie->input_buffer[idx * \
- qat_func_alignsize] + \
- qat_func_alignsize - what.length, \
- what.data, what.length)
+ rte_memcpy(&cookie->input_buffer[idx * \
+ qat_func_alignsize] + \
+ qat_func_alignsize - what.length, \
+ what.data, what.length)
#define SET_PKE_9A_EC(curve, p, idx) \
- rte_memcpy(&cookie->input_buffer[idx * \
- qat_func_alignsize] + \
- qat_func_alignsize - curve.bytesize, \
- curve.p.data, curve.bytesize)
+ rte_memcpy(&cookie->input_buffer[idx * \
+ qat_func_alignsize] + \
+ qat_func_alignsize - curve.bytesize, \
+ curve.p.data, curve.bytesize)
+
+#define PARAM_CLR(what) \
+ do { \
+ memset(what.data, 0, what.length); \
+ rte_free(what.data); \
+ } while (0)
static void
request_init(struct icp_qat_fw_pke_request *qat_req)
@@ -98,8 +104,8 @@ request_init(struct icp_qat_fw_pke_request *qat_req)
memset(qat_req, 0, sizeof(*qat_req));
qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_CPM_FW_PKE;
qat_req->pke_hdr.hdr_flags =
- ICP_QAT_FW_COMN_HDR_FLAGS_BUILD
- (ICP_QAT_FW_COMN_REQ_FLAG_SET);
+ ICP_QAT_FW_COMN_HDR_FLAGS_BUILD
+ (ICP_QAT_FW_COMN_REQ_FLAG_SET);
}
static void
@@ -1146,40 +1152,29 @@ qat_asym_session_get_private_size(struct rte_cryptodev *dev __rte_unused)
static void
session_clear_modexp(struct rte_crypto_modex_xform *modex)
{
- memset(modex->modulus.data, 0, modex->modulus.length);
- rte_free(modex->modulus.data);
- memset(modex->exponent.data, 0, modex->exponent.length);
- rte_free(modex->exponent.data);
+ PARAM_CLR(modex->modulus);
+ PARAM_CLR(modex->exponent);
}
static void
session_clear_modinv(struct rte_crypto_modinv_xform *modinv)
{
- memset(modinv->modulus.data, 0, modinv->modulus.length);
- rte_free(modinv->modulus.data);
+ PARAM_CLR(modinv->modulus);
}
static void
session_clear_rsa(struct rte_crypto_rsa_xform *rsa)
{
- memset(rsa->n.data, 0, rsa->n.length);
- rte_free(rsa->n.data);
- memset(rsa->e.data, 0, rsa->e.length);
- rte_free(rsa->e.data);
+ PARAM_CLR(rsa->n);
+ PARAM_CLR(rsa->e);
if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) {
- memset(rsa->d.data, 0, rsa->d.length);
- rte_free(rsa->d.data);
+ PARAM_CLR(rsa->d);
} else {
- memset(rsa->qt.p.data, 0, rsa->qt.p.length);
- rte_free(rsa->qt.p.data);
- memset(rsa->qt.q.data, 0, rsa->qt.q.length);
- rte_free(rsa->qt.q.data);
- memset(rsa->qt.dP.data, 0, rsa->qt.dP.length);
- rte_free(rsa->qt.dP.data);
- memset(rsa->qt.dQ.data, 0, rsa->qt.dQ.length);
- rte_free(rsa->qt.dQ.data);
- memset(rsa->qt.qInv.data, 0, rsa->qt.qInv.length);
- rte_free(rsa->qt.qInv.data);
+ PARAM_CLR(rsa->qt.p);
+ PARAM_CLR(rsa->qt.q);
+ PARAM_CLR(rsa->qt.dP);
+ PARAM_CLR(rsa->qt.dQ);
+ PARAM_CLR(rsa->qt.qInv);
}
}
--
2.13.6
^ permalink raw reply [flat|nested] 10+ messages in thread* RE: [PATCH v2 2/4] crypto/qat: improve freeing of asym cookies
2022-10-20 15:09 ` [PATCH v2 2/4] crypto/qat: improve freeing of asym cookies Arek Kusztal
@ 2022-10-20 21:57 ` Ji, Kai
0 siblings, 0 replies; 10+ messages in thread
From: Ji, Kai @ 2022-10-20 21:57 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: gakhil
Acked-by: Kai Ji <kai.ji@intel.com>
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Thursday, October 20, 2022 4:10 PM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Ji, Kai <kai.ji@intel.com>; Kusztal, ArkadiuszX
> <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v2 2/4] crypto/qat: improve freeing of asym cookies
>
> Improve the way that cookies are freed and cleared.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v2 3/4] crypto/qat: add ecdh key exchange algorithm
2022-10-20 15:09 [PATCH v2 0/4] crypto/qat: extend asymmetric crypto pmd Arek Kusztal
2022-10-20 15:09 ` [PATCH v2 1/4] crypto/qat: make immutable parameters constant Arek Kusztal
2022-10-20 15:09 ` [PATCH v2 2/4] crypto/qat: improve freeing of asym cookies Arek Kusztal
@ 2022-10-20 15:09 ` Arek Kusztal
2022-10-24 11:11 ` Ji, Kai
2022-10-20 15:09 ` [PATCH v2 4/4] crypto/qat: add ecdh public key verification Arek Kusztal
2022-10-27 9:48 ` [EXT] [PATCH v2 0/4] crypto/qat: extend asymmetric crypto pmd Akhil Goyal
4 siblings, 1 reply; 10+ messages in thread
From: Arek Kusztal @ 2022-10-20 15:09 UTC (permalink / raw)
To: dev; +Cc: gakhil, kai.ji, Arek Kusztal
This commit adds ECDH algorithm to Intel QuickAssist
Technology driver.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/features/qat.ini | 7 ++-
doc/guides/cryptodevs/qat.rst | 1 +
doc/guides/rel_notes/release_22_11.rst | 4 ++
drivers/crypto/qat/qat_asym.c | 98 +++++++++++++++++++++++++++++++++-
4 files changed, 106 insertions(+), 4 deletions(-)
diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini
index 4508becc56..5ba5546160 100644
--- a/doc/guides/cryptodevs/features/qat.ini
+++ b/doc/guides/cryptodevs/features/qat.ini
@@ -84,8 +84,11 @@ CHACHA20-POLY1305 = Y
;
[Asymmetric]
Modular Exponentiation = Y
-Modular Inversion = Y
-RSA = Y
+Modular Inversion = Y
+RSA = Y
+ECDSA = Y
+ECPM = Y
+ECDH = Y
;
; Supported Operating systems of the 'qat' crypto driver.
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 494fc7fd68..2d895e61ac 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -178,6 +178,7 @@ The QAT ASYM PMD has support for:
* ``RTE_CRYPTO_ASYM_XFORM_RSA``
* ``RTE_CRYPTO_ASYM_XFORM_ECDSA``
* ``RTE_CRYPTO_ASYM_XFORM_ECPM``
+* ``RTE_CRYPTO_ASYM_XFORM_ECDH``
Limitations
~~~~~~~~~~~
diff --git a/doc/guides/rel_notes/release_22_11.rst b/doc/guides/rel_notes/release_22_11.rst
index 281ba2fc7f..36f1028107 100644
--- a/doc/guides/rel_notes/release_22_11.rst
+++ b/doc/guides/rel_notes/release_22_11.rst
@@ -254,6 +254,10 @@ New Features
Added support for asymmetric crypto algorithms.
See the :doc:`../sample_app_ug/fips_validation` for more details.
+* **Updated Intel QuickAssist Technology (QAT) asymmetric crypto driver.**
+
+ * Added support for ECDH key exchange algorithm.
+
Removed Items
-------------
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index a77f7bfcd0..b49eca4b4a 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -765,6 +765,94 @@ ecpm_collect(struct rte_crypto_asym_op *asym_op,
}
static int
+ecdh_set_input(struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t qat_func_alignsize, func_id;
+ int curve_id;
+
+ curve_id = pick_curve(xform);
+ if (curve_id < 0) {
+ QAT_LOG(DEBUG, "Incorrect elliptic curve");
+ return -EINVAL;
+ }
+
+ qat_function = get_ecpm_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ qat_func_alignsize = RTE_ALIGN_CEIL(qat_function.bytesize, 8);
+
+ if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) {
+ SET_PKE_LN(asym_op->ecdh.priv_key, qat_func_alignsize, 0);
+ SET_PKE_LN_EC(curve[curve_id], x, 1);
+ SET_PKE_LN_EC(curve[curve_id], y, 2);
+ } else {
+ SET_PKE_LN(asym_op->ecdh.priv_key, qat_func_alignsize, 0);
+ SET_PKE_LN(asym_op->ecdh.pub_key.x, qat_func_alignsize, 1);
+ SET_PKE_LN(asym_op->ecdh.pub_key.y, qat_func_alignsize, 2);
+ }
+ SET_PKE_LN_EC(curve[curve_id], a, 3);
+ SET_PKE_LN_EC(curve[curve_id], b, 4);
+ SET_PKE_LN_EC(curve[curve_id], p, 5);
+ SET_PKE_LN_EC(curve[curve_id], h, 6);
+
+ cookie->alg_bytesize = curve[curve_id].bytesize;
+ cookie->qat_func_alignsize = qat_func_alignsize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_ECPM_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_ECPM_OUT_PARAMS;
+
+ HEXDUMP("k", cookie->input_array[0], qat_func_alignsize);
+ HEXDUMP("xG", cookie->input_array[1], qat_func_alignsize);
+ HEXDUMP("yG", cookie->input_array[2], qat_func_alignsize);
+ HEXDUMP("a", cookie->input_array[3], qat_func_alignsize);
+ HEXDUMP("b", cookie->input_array[4], qat_func_alignsize);
+ HEXDUMP("q", cookie->input_array[5], qat_func_alignsize);
+ HEXDUMP("h", cookie->input_array[6], qat_func_alignsize);
+
+ return 0;
+}
+
+static uint8_t
+ecdh_collect(struct rte_crypto_asym_op *asym_op,
+ const struct qat_asym_op_cookie *cookie)
+{
+ uint8_t *x, *y;
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+ uint32_t qat_func_alignsize = cookie->qat_func_alignsize;
+ uint32_t ltrim = qat_func_alignsize - alg_bytesize;
+
+ if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) {
+ asym_op->ecdh.pub_key.x.length = alg_bytesize;
+ asym_op->ecdh.pub_key.y.length = alg_bytesize;
+ x = asym_op->ecdh.pub_key.x.data;
+ y = asym_op->ecdh.pub_key.y.data;
+ } else {
+ asym_op->ecdh.shared_secret.x.length = alg_bytesize;
+ asym_op->ecdh.shared_secret.y.length = alg_bytesize;
+ x = asym_op->ecdh.shared_secret.x.data;
+ y = asym_op->ecdh.shared_secret.y.data;
+ }
+
+ rte_memcpy(x, &cookie->output_array[0][ltrim], alg_bytesize);
+ rte_memcpy(y, &cookie->output_array[1][ltrim], alg_bytesize);
+
+ HEXDUMP("X", cookie->output_array[0],
+ qat_func_alignsize);
+ HEXDUMP("Y", cookie->output_array[1],
+ qat_func_alignsize);
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+static int
asym_set_input(struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
const struct rte_crypto_asym_op *asym_op,
@@ -781,6 +869,9 @@ asym_set_input(struct icp_qat_fw_pke_request *qat_req,
return ecdsa_set_input(qat_req, cookie, asym_op, xform);
case RTE_CRYPTO_ASYM_XFORM_ECPM:
return ecpm_set_input(qat_req, cookie, asym_op, xform);
+ case RTE_CRYPTO_ASYM_XFORM_ECDH:
+ return ecdh_set_input(qat_req, cookie,
+ asym_op, xform);
default:
QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
return -EINVAL;
@@ -867,6 +958,8 @@ qat_asym_collect_response(struct rte_crypto_op *op,
return ecdsa_collect(asym_op, cookie);
case RTE_CRYPTO_ASYM_XFORM_ECPM:
return ecpm_collect(asym_op, cookie);
+ case RTE_CRYPTO_ASYM_XFORM_ECDH:
+ return ecdh_collect(asym_op, cookie);
default:
QAT_LOG(ERR, "Not supported xform type");
return RTE_CRYPTO_OP_STATUS_ERROR;
@@ -1099,7 +1192,7 @@ session_set_rsa(struct qat_asym_session *qat_session,
}
static void
-session_set_ecdsa(struct qat_asym_session *qat_session,
+session_set_ec(struct qat_asym_session *qat_session,
struct rte_crypto_asym_xform *xform)
{
qat_session->xform.ec.curve_id = xform->ec.curve_id;
@@ -1129,7 +1222,8 @@ qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
break;
case RTE_CRYPTO_ASYM_XFORM_ECDSA:
case RTE_CRYPTO_ASYM_XFORM_ECPM:
- session_set_ecdsa(qat_session, xform);
+ case RTE_CRYPTO_ASYM_XFORM_ECDH:
+ session_set_ec(qat_session, xform);
break;
default:
ret = -ENOTSUP;
--
2.13.6
^ permalink raw reply [flat|nested] 10+ messages in thread* RE: [PATCH v2 3/4] crypto/qat: add ecdh key exchange algorithm
2022-10-20 15:09 ` [PATCH v2 3/4] crypto/qat: add ecdh key exchange algorithm Arek Kusztal
@ 2022-10-24 11:11 ` Ji, Kai
0 siblings, 0 replies; 10+ messages in thread
From: Ji, Kai @ 2022-10-24 11:11 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: gakhil
Acked-by: Kai Ji <kai.ji@intel.com>
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Thursday, October 20, 2022 4:10 PM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Ji, Kai <kai.ji@intel.com>; Kusztal, ArkadiuszX
> <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v2 3/4] crypto/qat: add ecdh key exchange algorithm
>
> This commit adds ECDH algorithm to Intel QuickAssist Technology driver.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v2 4/4] crypto/qat: add ecdh public key verification
2022-10-20 15:09 [PATCH v2 0/4] crypto/qat: extend asymmetric crypto pmd Arek Kusztal
` (2 preceding siblings ...)
2022-10-20 15:09 ` [PATCH v2 3/4] crypto/qat: add ecdh key exchange algorithm Arek Kusztal
@ 2022-10-20 15:09 ` Arek Kusztal
2022-10-24 11:26 ` Ji, Kai
2022-10-27 9:48 ` [EXT] [PATCH v2 0/4] crypto/qat: extend asymmetric crypto pmd Akhil Goyal
4 siblings, 1 reply; 10+ messages in thread
From: Arek Kusztal @ 2022-10-20 15:09 UTC (permalink / raw)
To: dev; +Cc: gakhil, kai.ji, Arek Kusztal
This commit adds verification option for elliptic curve
points when used along ECDH algorithm.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/common/qat/qat_adf/qat_pke.h | 24 +++++++++++++++
drivers/crypto/qat/qat_asym.c | 58 +++++++++++++++++++++++++++++++++++-
2 files changed, 81 insertions(+), 1 deletion(-)
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
index 00e2b776dc..4b09e76dbb 100644
--- a/drivers/common/qat/qat_adf/qat_pke.h
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -290,4 +290,28 @@ get_ecpm_function(const struct rte_crypto_asym_xform *xform)
return qat_function;
}
+static struct qat_asym_function
+get_ec_verify_function(const struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ qat_function.func_id = MATHS_POINT_VERIFY_GFP_L256;
+ qat_function.bytesize = 32;
+ break;
+ case RTE_CRYPTO_EC_GROUP_SECP384R1:
+ qat_function.func_id = MATHS_POINT_VERIFY_GFP_L512;
+ qat_function.bytesize = 64;
+ break;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ qat_function.func_id = MATHS_POINT_VERIFY_GFP_521;
+ qat_function.bytesize = 66;
+ break;
+ default:
+ qat_function.func_id = 0;
+ }
+ return qat_function;
+}
+
#endif
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index b49eca4b4a..c6a2028c93 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -821,6 +821,53 @@ ecdh_set_input(struct icp_qat_fw_pke_request *qat_req,
return 0;
}
+static int
+ecdh_verify_set_input(struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ const struct rte_crypto_asym_op *asym_op,
+ const struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t qat_func_alignsize, func_id;
+ int curve_id;
+
+ curve_id = pick_curve(xform);
+ if (curve_id < 0) {
+ QAT_LOG(DEBUG, "Incorrect elliptic curve");
+ return -EINVAL;
+ }
+
+ qat_function = get_ec_verify_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ qat_func_alignsize = RTE_ALIGN_CEIL(qat_function.bytesize, 8);
+
+ SET_PKE_LN(asym_op->ecdh.pub_key.x, qat_func_alignsize, 0);
+ SET_PKE_LN(asym_op->ecdh.pub_key.y, qat_func_alignsize, 1);
+ SET_PKE_LN_EC(curve[curve_id], p, 2);
+ SET_PKE_LN_EC(curve[curve_id], a, 3);
+ SET_PKE_LN_EC(curve[curve_id], b, 4);
+
+ cookie->alg_bytesize = curve[curve_id].bytesize;
+ cookie->qat_func_alignsize = qat_func_alignsize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ 5;
+ qat_req->output_param_count =
+ 0;
+
+ HEXDUMP("x", cookie->input_array[0], qat_func_alignsize);
+ HEXDUMP("y", cookie->input_array[1], qat_func_alignsize);
+ HEXDUMP("p", cookie->input_array[2], qat_func_alignsize);
+ HEXDUMP("a", cookie->input_array[3], qat_func_alignsize);
+ HEXDUMP("b", cookie->input_array[4], qat_func_alignsize);
+
+ return 0;
+}
+
static uint8_t
ecdh_collect(struct rte_crypto_asym_op *asym_op,
const struct qat_asym_op_cookie *cookie)
@@ -830,6 +877,9 @@ ecdh_collect(struct rte_crypto_asym_op *asym_op,
uint32_t qat_func_alignsize = cookie->qat_func_alignsize;
uint32_t ltrim = qat_func_alignsize - alg_bytesize;
+ if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY)
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+
if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) {
asym_op->ecdh.pub_key.x.length = alg_bytesize;
asym_op->ecdh.pub_key.y.length = alg_bytesize;
@@ -870,8 +920,14 @@ asym_set_input(struct icp_qat_fw_pke_request *qat_req,
case RTE_CRYPTO_ASYM_XFORM_ECPM:
return ecpm_set_input(qat_req, cookie, asym_op, xform);
case RTE_CRYPTO_ASYM_XFORM_ECDH:
- return ecdh_set_input(qat_req, cookie,
+ if (asym_op->ecdh.ke_type ==
+ RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY) {
+ return ecdh_verify_set_input(qat_req, cookie,
asym_op, xform);
+ } else {
+ return ecdh_set_input(qat_req, cookie,
+ asym_op, xform);
+ }
default:
QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
return -EINVAL;
--
2.13.6
^ permalink raw reply [flat|nested] 10+ messages in thread* RE: [PATCH v2 4/4] crypto/qat: add ecdh public key verification
2022-10-20 15:09 ` [PATCH v2 4/4] crypto/qat: add ecdh public key verification Arek Kusztal
@ 2022-10-24 11:26 ` Ji, Kai
0 siblings, 0 replies; 10+ messages in thread
From: Ji, Kai @ 2022-10-24 11:26 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: gakhil
Code may need rebase, otherwise
Acked-by: Kai Ji <kai.ji@intel.com>
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Thursday, October 20, 2022 4:10 PM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Ji, Kai <kai.ji@intel.com>; Kusztal, ArkadiuszX
> <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v2 4/4] crypto/qat: add ecdh public key verification
>
> This commit adds verification option for elliptic curve points when used along
> ECDH algorithm.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
<snip>
> +
> + cookie->alg_bytesize = curve[curve_id].bytesize;
> + cookie->qat_func_alignsize = qat_func_alignsize;
> + qat_req->pke_hdr.cd_pars.func_id = func_id;
> + qat_req->input_param_count =
> + 5;
[KJ] do we need new line here ?
> + qat_req->output_param_count =
> + 0;
> +
> + HEXDUMP("x", cookie->input_array[0], qat_func_alignsize);
> + HEXDUMP("y", cookie->input_array[1], qat_func_alignsize);
> + HEXDUMP("p", cookie->input_array[2], qat_func_alignsize);
> + HEXDUMP("a", cookie->input_array[3], qat_func_alignsize);
> + HEXDUMP("b", cookie->input_array[4], qat_func_alignsize);
> +
> + return 0;
> +}
> +
> static uint8_t
> ecdh_collect(struct rte_crypto_asym_op *asym_op,
> const struct qat_asym_op_cookie *cookie) @@ -830,6 +877,9
> @@ ecdh_collect(struct rte_crypto_asym_op *asym_op,
> uint32_t qat_func_alignsize = cookie->qat_func_alignsize;
> uint32_t ltrim = qat_func_alignsize - alg_bytesize;
>
> + if (asym_op->ecdh.ke_type ==
> RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY)
> + return RTE_CRYPTO_OP_STATUS_SUCCESS;
> +
> if (asym_op->ecdh.ke_type ==
> RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) {
> asym_op->ecdh.pub_key.x.length = alg_bytesize;
> asym_op->ecdh.pub_key.y.length = alg_bytesize; @@ -870,8
> +920,14 @@ asym_set_input(struct icp_qat_fw_pke_request *qat_req,
> case RTE_CRYPTO_ASYM_XFORM_ECPM:
> return ecpm_set_input(qat_req, cookie, asym_op, xform);
> case RTE_CRYPTO_ASYM_XFORM_ECDH:
> - return ecdh_set_input(qat_req, cookie,
> + if (asym_op->ecdh.ke_type ==
> + RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY) {
> + return ecdh_verify_set_input(qat_req, cookie,
> asym_op, xform);
> + } else {
> + return ecdh_set_input(qat_req, cookie,
> + asym_op, xform);
> + }
> default:
> QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto
> xform");
> return -EINVAL;
> --
> 2.13.6
^ permalink raw reply [flat|nested] 10+ messages in thread
* RE: [EXT] [PATCH v2 0/4] crypto/qat: extend asymmetric crypto pmd
2022-10-20 15:09 [PATCH v2 0/4] crypto/qat: extend asymmetric crypto pmd Arek Kusztal
` (3 preceding siblings ...)
2022-10-20 15:09 ` [PATCH v2 4/4] crypto/qat: add ecdh public key verification Arek Kusztal
@ 2022-10-27 9:48 ` Akhil Goyal
4 siblings, 0 replies; 10+ messages in thread
From: Akhil Goyal @ 2022-10-27 9:48 UTC (permalink / raw)
To: Arek Kusztal, dev; +Cc: kai.ji
> This patchset extends Intel QuickAssist Technology asymmetric crypto PMD.
> Following features were added:
> - ECDH algorithm handling
> - EC point verification
>
> Depends-on: series-25284 ("crypto/qat: fix uncleared cookies in asym")
>
Series applied to dpdk-next-crypto
Thanks.
^ permalink raw reply [flat|nested] 10+ messages in thread