From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 79FAA41DCC;
	Mon, 13 Mar 2023 13:30:01 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 6AEE0410D1;
	Mon, 13 Mar 2023 13:30:01 +0100 (CET)
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 by mails.dpdk.org (Postfix) with ESMTP id E8DF940151
 for <dev@dpdk.org>; Mon, 13 Mar 2023 13:29:59 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1678710600; x=1710246600;
 h=from:to:cc:subject:date:message-id:mime-version:
 content-transfer-encoding;
 bh=oV3p8sdYD0DYu+IsVPq0Jc8+MzcNDONPIlUxPqF6fV8=;
 b=CObN6NrUbuzdyLu07VnljZtCBdmxxDsh4f8VcX3FRdBQUDw79gZwj+Md
 i0z2rZx3Qm4LVdgkIItnLy2Bl2NfIUHnOl9zcdIsb41jqaeaIS/aJoQ0h
 2hg70cIytf0I7AgvrgBwvM4KXiuWuNMoeeEfnyOl3cOesvI43KAnFrP01
 37Tyl/1Z6jU5JF8FIvPIf9Ek8LMRyluq1ZFdAqG3GeeWuZxa9BRnt9u7X
 UA7alvY4yth84cWEfZzHILKfm0+C9a1Go74LuV74HygXP8SmMMpuM6EGM
 orrndE6fUacVYZZ1LHoSOI6wykxQvYhrQfQo+eD/vH6VUeMZxiMjwncKP Q==;
X-IronPort-AV: E=McAfee;i="6500,9779,10647"; a="364794514"
X-IronPort-AV: E=Sophos;i="5.98,256,1673942400"; d="scan'208";a="364794514"
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
 by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Mar 2023 05:29:59 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6500,9779,10647"; a="1007964141"
X-IronPort-AV: E=Sophos;i="5.98,256,1673942400"; d="scan'208";a="1007964141"
Received: from silpixa00400884.ir.intel.com ([10.243.22.145])
 by fmsmga005.fm.intel.com with ESMTP; 13 Mar 2023 05:29:57 -0700
From: Radu Nicolau <radu.nicolau@intel.com>
To: Jingjing Wu <jingjing.wu@intel.com>,
	Beilei Xing <beilei.xing@intel.com>
Cc: dev@dpdk.org,
	Radu Nicolau <radu.nicolau@intel.com>
Subject: [PATCH 2/2] net/iavf: use static capabilities to set IV size
Date: Mon, 13 Mar 2023 12:29:47 +0000
Message-Id: <20230313122948.53779-1-radu.nicolau@intel.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

If iavf_crypto_capabilities contains the required capability then
use the IV size defined there, otherwise use relaxed IV size constrains

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
 drivers/net/iavf/iavf_ipsec_crypto.c | 54 ++++++++++++++++++++++------
 1 file changed, 43 insertions(+), 11 deletions(-)

diff --git a/drivers/net/iavf/iavf_ipsec_crypto.c b/drivers/net/iavf/iavf_ipsec_crypto.c
index 082948b61f..408b410f15 100644
--- a/drivers/net/iavf/iavf_ipsec_crypto.c
+++ b/drivers/net/iavf/iavf_ipsec_crypto.c
@@ -98,13 +98,13 @@ iavf_ipsec_crypto_session_size_get(void *device __rte_unused)
 }
 
 static const struct rte_cryptodev_symmetric_capability *
-get_capability(struct iavf_security_ctx *iavf_sctx,
+get_capability(struct iavf_security_ctx *iavf_sctx __rte_unused,
 	uint32_t algo, uint32_t type)
 {
 	const struct rte_cryptodev_capabilities *capability;
 	int i = 0;
 
-	capability = &iavf_sctx->crypto_capabilities[i];
+	capability = &iavf_crypto_capabilities[i];
 
 	while (capability->op != RTE_CRYPTO_OP_TYPE_UNDEFINED) {
 		if (capability->op == RTE_CRYPTO_OP_TYPE_SYMMETRIC &&
@@ -1229,7 +1229,8 @@ enum rte_crypto_auth_algorithm auth_maptbl[] = {
 
 static void
 update_auth_capabilities(struct rte_cryptodev_capabilities *scap,
-		struct virtchnl_algo_cap *acap)
+		struct virtchnl_algo_cap *acap,
+		const struct rte_cryptodev_symmetric_capability *symcap)
 {
 	struct rte_cryptodev_symmetric_capability *capability = &scap->sym;
 
@@ -1247,6 +1248,17 @@ update_auth_capabilities(struct rte_cryptodev_capabilities *scap,
 	capability->auth.digest_size.min = acap->min_digest_size;
 	capability->auth.digest_size.max = acap->max_digest_size;
 	capability->auth.digest_size.increment = acap->inc_digest_size;
+
+	if (symcap) {
+		capability->auth.iv_size.min = symcap->auth.iv_size.min;
+		capability->auth.iv_size.max = symcap->auth.iv_size.max;
+		capability->auth.iv_size.increment =
+				symcap->auth.iv_size.increment;
+	} else {
+		capability->auth.iv_size.min = 0;
+		capability->auth.iv_size.max = 65535;
+		capability->auth.iv_size.increment = 1;
+	}
 }
 
 enum rte_crypto_cipher_algorithm cipher_maptbl[] = {
@@ -1259,7 +1271,8 @@ enum rte_crypto_cipher_algorithm cipher_maptbl[] = {
 
 static void
 update_cipher_capabilities(struct rte_cryptodev_capabilities *scap,
-	struct virtchnl_algo_cap *acap)
+	struct virtchnl_algo_cap *acap,
+	const struct rte_cryptodev_symmetric_capability *symcap)
 {
 	struct rte_cryptodev_symmetric_capability *capability = &scap->sym;
 
@@ -1275,9 +1288,17 @@ update_cipher_capabilities(struct rte_cryptodev_capabilities *scap,
 	capability->cipher.key_size.max = acap->max_key_size;
 	capability->cipher.key_size.increment = acap->inc_key_size;
 
-	capability->cipher.iv_size.min = acap->min_iv_size;
-	capability->cipher.iv_size.max = acap->max_iv_size;
-	capability->cipher.iv_size.increment = acap->inc_iv_size;
+	if (symcap) {
+		capability->cipher.iv_size.min = symcap->cipher.iv_size.min;
+		capability->cipher.iv_size.max = symcap->cipher.iv_size.max;
+		capability->cipher.iv_size.increment =
+				symcap->cipher.iv_size.increment;
+
+	} else {
+		capability->cipher.iv_size.min = 0;
+		capability->cipher.iv_size.max = 65535;
+		capability->cipher.iv_size.increment = 1;
+	}
 }
 
 enum rte_crypto_aead_algorithm aead_maptbl[] = {
@@ -1289,7 +1310,8 @@ enum rte_crypto_aead_algorithm aead_maptbl[] = {
 
 static void
 update_aead_capabilities(struct rte_cryptodev_capabilities *scap,
-	struct virtchnl_algo_cap *acap)
+	struct virtchnl_algo_cap *acap,
+	const struct rte_cryptodev_symmetric_capability *symcap __rte_unused)
 {
 	struct rte_cryptodev_symmetric_capability *capability = &scap->sym;
 
@@ -1328,6 +1350,7 @@ iavf_ipsec_crypto_set_security_capabililites(struct iavf_security_ctx
 		*iavf_sctx, struct virtchnl_ipsec_cap *vch_cap)
 {
 	struct rte_cryptodev_capabilities *capabilities;
+	const struct rte_cryptodev_symmetric_capability *symcap;
 	int i, j, number_of_capabilities = 0, ci = 0;
 
 	/* Count the total number of crypto algorithms supported */
@@ -1354,16 +1377,25 @@ iavf_ipsec_crypto_set_security_capabililites(struct iavf_security_ctx
 		for (j = 0; j < vch_cap->cap[i].algo_cap_num; j++, ci++) {
 			switch (vch_cap->cap[i].crypto_type) {
 			case VIRTCHNL_AUTH:
+				symcap = get_auth_capability(iavf_sctx,
+					capabilities[ci].sym.auth.algo);
 				update_auth_capabilities(&capabilities[ci],
-					&vch_cap->cap[i].algo_cap_list[j]);
+					&vch_cap->cap[i].algo_cap_list[j],
+					symcap);
 				break;
 			case VIRTCHNL_CIPHER:
+				symcap = get_cipher_capability(iavf_sctx,
+					capabilities[ci].sym.cipher.algo);
 				update_cipher_capabilities(&capabilities[ci],
-					&vch_cap->cap[i].algo_cap_list[j]);
+					&vch_cap->cap[i].algo_cap_list[j],
+					symcap);
 				break;
 			case VIRTCHNL_AEAD:
+				symcap = get_aead_capability(iavf_sctx,
+					capabilities[ci].sym.aead.algo);
 				update_aead_capabilities(&capabilities[ci],
-					&vch_cap->cap[i].algo_cap_list[j]);
+					&vch_cap->cap[i].algo_cap_list[j],
+					symcap);
 				break;
 			default:
 				capabilities[ci].op =
-- 
2.25.1