From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D590C42D09; Tue, 20 Jun 2023 16:12:25 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id E487F42D48; Tue, 20 Jun 2023 16:12:06 +0200 (CEST) Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam04on2074.outbound.protection.outlook.com [40.107.100.74]) by mails.dpdk.org (Postfix) with ESMTP id 9CD8342C4D for ; Tue, 20 Jun 2023 16:12:05 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Vj8gwB0jAIfO8eMmGqYkcvGS1jdFaG9+8a/7xYu6u6sDAUslCBemMea1r52GqpRfUIMv1rMg4CkSbd9ox7O1T3UMw/MQdHZ4nd5UtUl8KBE1L3ER3+GTdPCUWWB/0J5Uw7KidTVHxT9bNpjsSVxOI3pv9ln4gZ1wKkmFO8LC6Hw81QnXg6CNFSazY313cyrBGF+PC8zkCBSPbi9iTX67oFqNKj3hA8Z+tbMq91/BHXm6fIk2GZUoNS/toFBezdq5EdvFnbLjmisNIBWeQ5Cw1G/VLHdPWPBpUZpKz7yDMs/SavHJRAP/WGJnWGnvZMKT2OajCoVFFaHd/0+ItZ9REA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HlrZnc4TBYinAE5ycix/9UD68IScnM54k3BL9xhW650=; b=EtvHgE4nw+EkAgWDhFnLcZEMp1+KO3yTCQWWfv/ZpR6PhhvVtQJSpi1a07AiIO4itrTi4v0Pjl5j6wlsH8wmqlmti6U7DVHRGkJkQlejflVCUSuNI+ZDHDlPRJdZGQ9BVnoNDFGvalIjnWc0QAlrKInrO8+xYX2ngk0G41TUofbX4jPdgp9yRj6s8Z+NIZNZWIEn8aOwOrrjnr8tRWGR1fF7Hp0ZUMdJoxUHX+lroDFnG5Lf0PdYWwWJRhDhOTKyS9WjHeG4aog2x88meT0HPT2x5pYaaxa9KXzv4Nwn5HzPLfnLb9Ay3+woL18HzDvrUbE4yCvN90hyj6tCXQ0ZIw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=marvell.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HlrZnc4TBYinAE5ycix/9UD68IScnM54k3BL9xhW650=; b=Cw7fRa3uG0XOis02NE/ioz1bit8VBFeGCuXjNgeiDkoPNLNQRzIlDEKGULEtPMcUMMNrUu2mNQReZ0uqOtPalTyMezWlFcI6y88FxjLPHxBdHuAOKeeDxn8BK4ODzZk/CJdn/DuTZGoif2EAgPYmD3FXku0vh7ew98EYK5QGiVRWknoleeoh/+1zBglKlxI89mn1VLLOs5CVBTm2+6vh5PnwGEYqXgeemMHu5g/rcnuGq1P28V/uf1asc5kiIMJAiY97/sPODg5ETLI6bURizsxUPOlGKg11xFkqbw0kQm5tuEzZFwymrBbxBHJCbwkduOHWr2rj4cK2guECdxnaug== Received: from SJ0PR05CA0047.namprd05.prod.outlook.com (2603:10b6:a03:33f::22) by DS0PR12MB7534.namprd12.prod.outlook.com (2603:10b6:8:139::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.37; Tue, 20 Jun 2023 14:12:01 +0000 Received: from MWH0EPF000989E8.namprd02.prod.outlook.com (2603:10b6:a03:33f:cafe::aa) by SJ0PR05CA0047.outlook.office365.com (2603:10b6:a03:33f::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6521.21 via Frontend Transport; Tue, 20 Jun 2023 14:12:00 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by MWH0EPF000989E8.mail.protection.outlook.com (10.167.241.135) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6521.17 via Frontend Transport; Tue, 20 Jun 2023 14:12:00 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Tue, 20 Jun 2023 07:11:43 -0700 Received: from nvidia.com (10.126.231.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Tue, 20 Jun 2023 07:11:41 -0700 From: Suanming Mou To: , Matan Azrad CC: , Subject: [PATCH v4 4/9] crypto/mlx5: add AES-GCM encryption key Date: Tue, 20 Jun 2023 17:11:10 +0300 Message-ID: <20230620141115.841226-5-suanmingm@nvidia.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230620141115.841226-1-suanmingm@nvidia.com> References: <20230418092325.2578712-1-suanmingm@nvidia.com> <20230620141115.841226-1-suanmingm@nvidia.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.126.231.35] X-ClientProxiedBy: rnnvmail201.nvidia.com (10.129.68.8) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MWH0EPF000989E8:EE_|DS0PR12MB7534:EE_ X-MS-Office365-Filtering-Correlation-Id: 0ecde3d5-21f9-45fb-02ae-08db719850bc X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: aEsSxZX3BVCtjRZ5csUO1/xhoQZcJQrINAyoTn7metnnXfyXLu6dy8GSS7VZMatAAw9DfyHyDh4ztvrUZc7m7WTDgFX2EiWYx/gDHDzFHGHb7gWR/4Knazef0WZTNOFhC+4RElGcL8OF1MoYPXlhpvpuok9bQGQ3qH6hYIdCFwBr2Vyrc5CHEBlNCFp6ADFVeqDMzn/60BENixeGPIJrsKP3skyDk8sk7VQwPWdJ/vrruEQwlgElj9Y2hTnPpS5cqYlhUKmLpNJ9ma1t6E4+shYNeL6PzqpWK+pMF/q/ZrccUwAMjHj9wBSkDMrYT1Ka5WOZE79oGxd3s/+t5BhWaAv/LqZeUvmP61OrXLNne5uRwAwfdWtU0PPflV1YXfulupGQxzhs9PonK6ncritpgxjhfP9WDkh8/E7T/BXXrunvDSpgGb9uUZ9UsbpJeAhUTEdkCpUvIdC4VhOKDZPavtmT7yV7+hQtJJ8crdU36gvwqHZnkCtnkOMI3H9lFRzPSyE5tA9JdHXk5mukOgJ8kxTRtGrJtBH5Gj3mGM/ZAQTE9f6sxm6Z4XufdoNkiAENmP+fI1SUu+GdUSGi+MaEIHt9/eYEGkSStLXbtCwuZPC2/l+G4hDRuk4iWmxKlGoZeZa+WaHWI+kil3QHkEf6ufezrEoQR9ZsPgmxCcuPljb8Cr9xY9HY6YZt/bbD+i9EGslvXz26byHqt/HR1IzaB1xTU+DYQYrEDMzsoYG8+0Wtu0qcbpCKqtrEUNKJijze X-Forefront-Antispam-Report: CIP:216.228.117.161; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:dc6edge2.nvidia.com; CAT:NONE; SFS:(13230028)(4636009)(39860400002)(396003)(346002)(376002)(136003)(451199021)(46966006)(40470700004)(36840700001)(83380400001)(47076005)(7696005)(54906003)(6666004)(110136005)(316002)(8676002)(8936002)(2616005)(36756003)(86362001)(26005)(1076003)(4326008)(6286002)(6636002)(16526019)(186003)(426003)(336012)(41300700001)(5660300002)(82310400005)(70586007)(70206006)(356005)(40460700003)(82740400003)(7636003)(55016003)(40480700001)(36860700001)(478600001)(2906002); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jun 2023 14:12:00.5586 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 0ecde3d5-21f9-45fb-02ae-08db719850bc X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.117.161]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: MWH0EPF000989E8.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB7534 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org The crypto device requires the DEK(data encryption key) object for data encryption/decryption operation. This commit adds the AES-GCM DEK object management support. Signed-off-by: Suanming Mou Acked-by: Matan Azrad --- drivers/crypto/mlx5/mlx5_crypto.h | 17 ++++- drivers/crypto/mlx5/mlx5_crypto_dek.c | 102 +++++++++++++------------- drivers/crypto/mlx5/mlx5_crypto_gcm.c | 33 +++++++++ drivers/crypto/mlx5/mlx5_crypto_xts.c | 53 ++++++++++++- 4 files changed, 150 insertions(+), 55 deletions(-) diff --git a/drivers/crypto/mlx5/mlx5_crypto.h b/drivers/crypto/mlx5/mlx5_crypto.h index 76f368ee91..bb5a557a38 100644 --- a/drivers/crypto/mlx5/mlx5_crypto.h +++ b/drivers/crypto/mlx5/mlx5_crypto.h @@ -86,6 +86,11 @@ struct mlx5_crypto_session { uint32_t dek_id; /**< DEK ID */ } __rte_packed; +struct mlx5_crypto_dek_ctx { + struct rte_crypto_sym_xform *xform; + struct mlx5_crypto_priv *priv; +}; + typedef void *(*mlx5_crypto_mkey_update_t)(struct mlx5_crypto_priv *priv, struct mlx5_crypto_qp *qp, uint32_t idx); @@ -106,7 +111,7 @@ mlx5_crypto_dek_destroy(struct mlx5_crypto_priv *priv, struct mlx5_crypto_dek * mlx5_crypto_dek_prepare(struct mlx5_crypto_priv *priv, - struct rte_crypto_cipher_xform *cipher); + struct rte_crypto_sym_xform *xform); int mlx5_crypto_dek_setup(struct mlx5_crypto_priv *priv); @@ -120,4 +125,14 @@ mlx5_crypto_xts_init(struct mlx5_crypto_priv *priv); int mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv); +int +mlx5_crypto_dek_fill_xts_attr(struct mlx5_crypto_dek *dek, + struct mlx5_devx_dek_attr *dek_attr, + void *cb_ctx); + +int +mlx5_crypto_dek_fill_gcm_attr(struct mlx5_crypto_dek *dek, + struct mlx5_devx_dek_attr *dek_attr, + void *cb_ctx); + #endif /* MLX5_CRYPTO_H_ */ diff --git a/drivers/crypto/mlx5/mlx5_crypto_dek.c b/drivers/crypto/mlx5/mlx5_crypto_dek.c index 7339ef2bd9..716bcc0545 100644 --- a/drivers/crypto/mlx5/mlx5_crypto_dek.c +++ b/drivers/crypto/mlx5/mlx5_crypto_dek.c @@ -13,10 +13,24 @@ #include "mlx5_crypto_utils.h" #include "mlx5_crypto.h" -struct mlx5_crypto_dek_ctx { - struct rte_crypto_cipher_xform *cipher; - struct mlx5_crypto_priv *priv; -}; +static int +mlx5_crypto_dek_get_key(struct rte_crypto_sym_xform *xform, + const uint8_t **key, + uint16_t *key_len) +{ + if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) { + *key = xform->cipher.key.data; + *key_len = xform->cipher.key.length; + } else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) { + *key = xform->aead.key.data; + *key_len = xform->aead.key.length; + } else { + DRV_LOG(ERR, "Xform dek type not supported."); + rte_errno = -EINVAL; + return -1; + } + return 0; +} int mlx5_crypto_dek_destroy(struct mlx5_crypto_priv *priv, @@ -27,19 +41,22 @@ mlx5_crypto_dek_destroy(struct mlx5_crypto_priv *priv, struct mlx5_crypto_dek * mlx5_crypto_dek_prepare(struct mlx5_crypto_priv *priv, - struct rte_crypto_cipher_xform *cipher) + struct rte_crypto_sym_xform *xform) { + const uint8_t *key; + uint16_t key_len; struct mlx5_hlist *dek_hlist = priv->dek_hlist; struct mlx5_crypto_dek_ctx dek_ctx = { - .cipher = cipher, + .xform = xform, .priv = priv, }; - struct rte_crypto_cipher_xform *cipher_ctx = cipher; - uint64_t key64 = __rte_raw_cksum(cipher_ctx->key.data, - cipher_ctx->key.length, 0); - struct mlx5_list_entry *entry = mlx5_hlist_register(dek_hlist, - key64, &dek_ctx); + uint64_t key64; + struct mlx5_list_entry *entry; + if (mlx5_crypto_dek_get_key(xform, &key, &key_len)) + return NULL; + key64 = __rte_raw_cksum(key, key_len, 0); + entry = mlx5_hlist_register(dek_hlist, key64, &dek_ctx); return entry == NULL ? NULL : container_of(entry, struct mlx5_crypto_dek, entry); } @@ -76,76 +93,55 @@ mlx5_crypto_dek_match_cb(void *tool_ctx __rte_unused, struct mlx5_list_entry *entry, void *cb_ctx) { struct mlx5_crypto_dek_ctx *ctx = cb_ctx; - struct rte_crypto_cipher_xform *cipher_ctx = ctx->cipher; + struct rte_crypto_sym_xform *xform = ctx->xform; struct mlx5_crypto_dek *dek = container_of(entry, typeof(*dek), entry); uint32_t key_len = dek->size; + uint16_t xkey_len; + const uint8_t *key; - if (key_len != cipher_ctx->key.length) + if (mlx5_crypto_dek_get_key(xform, &key, &xkey_len)) + return -1; + if (key_len != xkey_len) return -1; - return memcmp(cipher_ctx->key.data, dek->data, cipher_ctx->key.length); + return memcmp(key, dek->data, xkey_len); } static struct mlx5_list_entry * mlx5_crypto_dek_create_cb(void *tool_ctx __rte_unused, void *cb_ctx) { struct mlx5_crypto_dek_ctx *ctx = cb_ctx; - struct rte_crypto_cipher_xform *cipher_ctx = ctx->cipher; + struct rte_crypto_sym_xform *xform = ctx->xform; struct mlx5_crypto_dek *dek = rte_zmalloc(__func__, sizeof(*dek), RTE_CACHE_LINE_SIZE); struct mlx5_devx_dek_attr dek_attr = { .pd = ctx->priv->cdev->pdn, - .key_purpose = MLX5_CRYPTO_KEY_PURPOSE_AES_XTS, - .has_keytag = 1, }; - bool is_wrapped = ctx->priv->is_wrapped_mode; + int ret = -1; if (dek == NULL) { DRV_LOG(ERR, "Failed to allocate dek memory."); return NULL; } - if (is_wrapped) { - switch (cipher_ctx->key.length) { - case 48: - dek->size = 48; - dek_attr.key_size = MLX5_CRYPTO_KEY_SIZE_128b; - break; - case 80: - dek->size = 80; - dek_attr.key_size = MLX5_CRYPTO_KEY_SIZE_256b; - break; - default: - DRV_LOG(ERR, "Wrapped key size not supported."); - return NULL; - } - } else { - switch (cipher_ctx->key.length) { - case 32: - dek->size = 40; - dek_attr.key_size = MLX5_CRYPTO_KEY_SIZE_128b; - break; - case 64: - dek->size = 72; - dek_attr.key_size = MLX5_CRYPTO_KEY_SIZE_256b; - break; - default: - DRV_LOG(ERR, "Key size not supported."); - return NULL; - } - memcpy(&dek_attr.key[cipher_ctx->key.length], - &ctx->priv->keytag, 8); - } - memcpy(&dek_attr.key, cipher_ctx->key.data, cipher_ctx->key.length); + if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) + ret = mlx5_crypto_dek_fill_xts_attr(dek, &dek_attr, cb_ctx); + else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) + ret = mlx5_crypto_dek_fill_gcm_attr(dek, &dek_attr, cb_ctx); + if (ret) + goto fail; dek->obj = mlx5_devx_cmd_create_dek_obj(ctx->priv->cdev->ctx, &dek_attr); if (dek->obj == NULL) { - rte_free(dek); - return NULL; + DRV_LOG(ERR, "Failed to create dek obj."); + goto fail; } - memcpy(&dek->data, cipher_ctx->key.data, cipher_ctx->key.length); return &dek->entry; +fail: + rte_free(dek); + return NULL; } + static void mlx5_crypto_dek_remove_cb(void *tool_ctx __rte_unused, struct mlx5_list_entry *entry) diff --git a/drivers/crypto/mlx5/mlx5_crypto_gcm.c b/drivers/crypto/mlx5/mlx5_crypto_gcm.c index bd78c6d66b..5b315ef42c 100644 --- a/drivers/crypto/mlx5/mlx5_crypto_gcm.c +++ b/drivers/crypto/mlx5/mlx5_crypto_gcm.c @@ -27,6 +27,39 @@ static struct rte_cryptodev_capabilities mlx5_crypto_gcm_caps[] = { } }; +int +mlx5_crypto_dek_fill_gcm_attr(struct mlx5_crypto_dek *dek, + struct mlx5_devx_dek_attr *dek_attr, + void *cb_ctx) +{ + uint32_t offset = 0; + struct mlx5_crypto_dek_ctx *ctx = cb_ctx; + struct rte_crypto_aead_xform *aead_ctx = &ctx->xform->aead; + + if (aead_ctx->algo != RTE_CRYPTO_AEAD_AES_GCM) { + DRV_LOG(ERR, "Only AES-GCM algo supported."); + return -EINVAL; + } + dek_attr->key_purpose = MLX5_CRYPTO_KEY_PURPOSE_GCM; + switch (aead_ctx->key.length) { + case 16: + offset = 16; + dek->size = 16; + dek_attr->key_size = MLX5_CRYPTO_KEY_SIZE_128b; + break; + case 32: + dek->size = 32; + dek_attr->key_size = MLX5_CRYPTO_KEY_SIZE_256b; + break; + default: + DRV_LOG(ERR, "Wrapped key size not supported."); + return -EINVAL; + } + memcpy(&dek_attr->key[offset], aead_ctx->key.data, aead_ctx->key.length); + memcpy(&dek->data, aead_ctx->key.data, aead_ctx->key.length); + return 0; +} + int mlx5_crypto_gcm_init(struct mlx5_crypto_priv *priv) { diff --git a/drivers/crypto/mlx5/mlx5_crypto_xts.c b/drivers/crypto/mlx5/mlx5_crypto_xts.c index 964d02e6ed..661da5f589 100644 --- a/drivers/crypto/mlx5/mlx5_crypto_xts.c +++ b/drivers/crypto/mlx5/mlx5_crypto_xts.c @@ -45,6 +45,57 @@ const struct rte_cryptodev_capabilities mlx5_crypto_caps[] = { }, }; +int +mlx5_crypto_dek_fill_xts_attr(struct mlx5_crypto_dek *dek, + struct mlx5_devx_dek_attr *dek_attr, + void *cb_ctx) +{ + struct mlx5_crypto_dek_ctx *ctx = cb_ctx; + struct rte_crypto_cipher_xform *cipher_ctx = &ctx->xform->cipher; + bool is_wrapped = ctx->priv->is_wrapped_mode; + + if (cipher_ctx->algo != RTE_CRYPTO_CIPHER_AES_XTS) { + DRV_LOG(ERR, "Only AES-XTS algo supported."); + return -EINVAL; + } + dek_attr->key_purpose = MLX5_CRYPTO_KEY_PURPOSE_AES_XTS; + dek_attr->has_keytag = 1; + if (is_wrapped) { + switch (cipher_ctx->key.length) { + case 48: + dek->size = 48; + dek_attr->key_size = MLX5_CRYPTO_KEY_SIZE_128b; + break; + case 80: + dek->size = 80; + dek_attr->key_size = MLX5_CRYPTO_KEY_SIZE_256b; + break; + default: + DRV_LOG(ERR, "Wrapped key size not supported."); + return -EINVAL; + } + } else { + switch (cipher_ctx->key.length) { + case 32: + dek->size = 40; + dek_attr->key_size = MLX5_CRYPTO_KEY_SIZE_128b; + break; + case 64: + dek->size = 72; + dek_attr->key_size = MLX5_CRYPTO_KEY_SIZE_256b; + break; + default: + DRV_LOG(ERR, "Key size not supported."); + return -EINVAL; + } + memcpy(&dek_attr->key[cipher_ctx->key.length], + &ctx->priv->keytag, 8); + } + memcpy(&dek_attr->key, cipher_ctx->key.data, cipher_ctx->key.length); + memcpy(&dek->data, cipher_ctx->key.data, cipher_ctx->key.length); + return 0; +} + static int mlx5_crypto_xts_sym_session_configure(struct rte_cryptodev *dev, struct rte_crypto_sym_xform *xform, @@ -66,7 +117,7 @@ mlx5_crypto_xts_sym_session_configure(struct rte_cryptodev *dev, return -ENOTSUP; } cipher = &xform->cipher; - sess_private_data->dek = mlx5_crypto_dek_prepare(priv, cipher); + sess_private_data->dek = mlx5_crypto_dek_prepare(priv, xform); if (sess_private_data->dek == NULL) { DRV_LOG(ERR, "Failed to prepare dek."); return -ENOMEM; -- 2.25.1