From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0320645B01; Thu, 10 Oct 2024 12:13:21 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 92AED40298; Thu, 10 Oct 2024 12:13:21 +0200 (CEST) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.16]) by mails.dpdk.org (Postfix) with ESMTP id F3B3A4025E for ; Thu, 10 Oct 2024 12:13:19 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1728555200; x=1760091200; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=lWuuTwFXaG6y05Y6Ze0lVTr7xbzia2PHdji7GNMH4V0=; b=RG3DT1wJpS40oS9JorGTxS1G3GnkZS7Py15qnSxROaySJMIW1q9Lcq4s jZU8uKfBlX5rwn8+99BQUsJH6trJU3dwA97bSpzOz8tRfifx7BXKWDJJX NjJEVCJyFuVPfc7CnUBau3ip7oFPlt6xB1mi1ups2Xdymj7S8ippac6Je PmUxkMffIgYynaoQVdS35oBrUMgWZlE6mLAyP1GmSlsA6g7npPJXwrmcz J2zvrFxo6+JcwipvOz8heEifwHVOuOLf/Fy8TKEAhYBk5v791pDeVb/xE 8O5xSSeZImPGxXoTO7xsXxHK4MOR50RXx1zctO47ysGDLtbscO7YG6iVS Q==; X-CSE-ConnectionGUID: AhcqSlDlSGGS+x/VdVy28Q== X-CSE-MsgGUID: wE9EzyrHSBi6iiY6OtGphg== X-IronPort-AV: E=McAfee;i="6700,10204,11220"; a="15525975" X-IronPort-AV: E=Sophos;i="6.11,192,1725346800"; d="scan'208";a="15525975" Received: from orviesa006.jf.intel.com ([10.64.159.146]) by fmvoesa110.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Oct 2024 03:13:19 -0700 X-CSE-ConnectionGUID: Slg4dJ2/QE+kN9zOBJQB5Q== X-CSE-MsgGUID: 6uGlDlvwT86uHxrCQfTVnA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,192,1725346800"; d="scan'208";a="76746928" Received: from silpixa00400886.ir.intel.com ([10.243.22.139]) by orviesa006.jf.intel.com with ESMTP; 10 Oct 2024 03:13:17 -0700 From: Brian Dooley To: Kai Ji , Pablo de Lara Cc: dev@dpdk.org, gakhil@marvell.com, Brian Dooley Subject: [PATCH v3] crypto/ipsec_mb: bump minimum IPsec MB version Date: Thu, 10 Oct 2024 11:13:13 +0100 Message-Id: <20241010101313.3933073-1-brian.dooley@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241004145815.2275878-1-brian.dooley@intel.com> References: <20241004145815.2275878-1-brian.dooley@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org AESNI_MB SW PMDs increment Intel IPsec MB version to 1.4. A minimum IPsec Multi-buffer version of 1.4 or greater is now required for the 24.11 LTS release. Signed-off-by: Brian Dooley Acked-by: Kai Ji Acked-by: Pablo de Lara --- This patch relates to a deprecation notice sent in the 24.03 release. Intel IPsec MB minimum version being bumped to 1.4 for the 24.11 release. https://patches.dpdk.org/project/dpdk/patch/20240314103731.3242086-2-brian.dooley@intel.com/ v2: Added release note Remove more IMB_VERSION checks v3: Remove deprecation notice --- doc/guides/cryptodevs/aesni_gcm.rst | 3 +- doc/guides/cryptodevs/aesni_mb.rst | 3 +- doc/guides/cryptodevs/chacha20_poly1305.rst | 3 +- doc/guides/cryptodevs/kasumi.rst | 3 +- doc/guides/cryptodevs/snow3g.rst | 3 +- doc/guides/cryptodevs/zuc.rst | 3 +- doc/guides/rel_notes/deprecation.rst | 5 - doc/guides/rel_notes/release_24_11.rst | 3 + drivers/crypto/ipsec_mb/ipsec_mb_ops.c | 24 -- drivers/crypto/ipsec_mb/meson.build | 2 +- drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 268 +------------------- drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h | 9 - 12 files changed, 19 insertions(+), 310 deletions(-) diff --git a/doc/guides/cryptodevs/aesni_gcm.rst b/doc/guides/cryptodevs/aesni_gcm.rst index 3af1486553..7592d33da2 100644 --- a/doc/guides/cryptodevs/aesni_gcm.rst +++ b/doc/guides/cryptodevs/aesni_gcm.rst @@ -74,7 +74,8 @@ and the external crypto libraries supported by them: DPDK version Crypto library version ============= ================================ 20.11 - 21.08 Multi-buffer library 0.53 - 1.3 - 21.11+ Multi-buffer library 1.0 - 1.5 + 21.11 - 24.07 Multi-buffer library 1.0 - 1.5 + 24.11+ Multi-buffer library 1.4 - 1.5 ============= ================================ Initialization diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst index ca930be1bd..16d82147b2 100644 --- a/doc/guides/cryptodevs/aesni_mb.rst +++ b/doc/guides/cryptodevs/aesni_mb.rst @@ -137,7 +137,8 @@ and the Multi-Buffer library version supported by them: DPDK version Multi-buffer library version ============== ============================ 20.11 - 21.08 0.53 - 1.3 - 21.11+ 1.0 - 1.5 + 21.11 - 24.07 1.0 - 1.5 + 24.11+ 1.4 - 1.5 ============== ============================ Initialization diff --git a/doc/guides/cryptodevs/chacha20_poly1305.rst b/doc/guides/cryptodevs/chacha20_poly1305.rst index 44cff85918..b5a980b247 100644 --- a/doc/guides/cryptodevs/chacha20_poly1305.rst +++ b/doc/guides/cryptodevs/chacha20_poly1305.rst @@ -66,7 +66,8 @@ and the external crypto libraries supported by them: ============= ================================ DPDK version Crypto library version ============= ================================ - 21.11+ Multi-buffer library 1.0-1.5 + 21.11 - 24.07 Multi-buffer library 1.0 - 1.5 + 24.11+ Multi-buffer library 1.4 - 1.5 ============= ================================ Initialization diff --git a/doc/guides/cryptodevs/kasumi.rst b/doc/guides/cryptodevs/kasumi.rst index 4070f025e1..b57f18b56f 100644 --- a/doc/guides/cryptodevs/kasumi.rst +++ b/doc/guides/cryptodevs/kasumi.rst @@ -80,7 +80,8 @@ and the external crypto libraries supported by them: DPDK version Crypto library version ============= ================================ 20.02 - 21.08 Multi-buffer library 0.53 - 1.3 - 21.11+ Multi-buffer library 1.0 - 1.5 + 21.11 - 24.07 Multi-buffer library 1.0 - 1.5 + 24.11+ Multi-buffer library 1.4 - 1.5 ============= ================================ Initialization diff --git a/doc/guides/cryptodevs/snow3g.rst b/doc/guides/cryptodevs/snow3g.rst index 6eb8229fb5..fb4e0448ac 100644 --- a/doc/guides/cryptodevs/snow3g.rst +++ b/doc/guides/cryptodevs/snow3g.rst @@ -89,7 +89,8 @@ and the external crypto libraries supported by them: DPDK version Crypto library version ============= ================================ 20.02 - 21.08 Multi-buffer library 0.53 - 1.3 - 21.11+ Multi-buffer library 1.0 - 1.5 + 21.11 - 24.07 Multi-buffer library 1.0 - 1.5 + 24.11+ Multi-buffer library 1.4 - 1.5 ============= ================================ Initialization diff --git a/doc/guides/cryptodevs/zuc.rst b/doc/guides/cryptodevs/zuc.rst index 29fe6279aa..4615562246 100644 --- a/doc/guides/cryptodevs/zuc.rst +++ b/doc/guides/cryptodevs/zuc.rst @@ -88,7 +88,8 @@ and the external crypto libraries supported by them: DPDK version Crypto library version ============= ================================ 20.02 - 21.08 Multi-buffer library 0.53 - 1.3 - 21.11+ Multi-buffer library 1.0 - 1.5 + 21.11 - 24.07 Multi-buffer library 1.0 - 1.5 + 24.11+ Multi-buffer library 1.4 - 1.5 ============= ================================ Initialization diff --git a/doc/guides/rel_notes/deprecation.rst b/doc/guides/rel_notes/deprecation.rst index 1535ea7abf..dd920bc3d7 100644 --- a/doc/guides/rel_notes/deprecation.rst +++ b/doc/guides/rel_notes/deprecation.rst @@ -169,11 +169,6 @@ Deprecation Notices * fib: A new flag field will be introduced in ``rte_fib_conf`` structure in DPDK 24.11. This field will be used to pass extra configuration settings. -* cryptodev: The Intel IPsec Multi-Buffer version will be bumped - to a minimum version of v1.4. - This will effect the KASUMI, SNOW3G, ZUC, AESNI GCM, AESNI MB and CHACHAPOLY - SW PMDs. - * eventdev: The single-event (non-burst) enqueue and dequeue operations, used by static inline burst enqueue and dequeue functions in ``rte_eventdev.h``, will be removed in DPDK 23.11. diff --git a/doc/guides/rel_notes/release_24_11.rst b/doc/guides/rel_notes/release_24_11.rst index 6a8ffe6f19..4430cf5b3a 100644 --- a/doc/guides/rel_notes/release_24_11.rst +++ b/doc/guides/rel_notes/release_24_11.rst @@ -82,6 +82,9 @@ New Features * Added support for SM3 algorithm. * Added support for SM3 HMAC algorithm. * Added support for SM4 CBC, SM4 ECB and SM4 CTR algorithms. + * In 24.11 LTS release the Intel IPsec Multi-buffer version is bumped to a + minimum version of v1.4. This will effect the KASUMI, SNOW3G, ZUC, + AESNI GCM, AESNI MB and CHACHAPOLY SW PMDs. * **Updated openssl crypto driver.** diff --git a/drivers/crypto/ipsec_mb/ipsec_mb_ops.c b/drivers/crypto/ipsec_mb/ipsec_mb_ops.c index ba899604d2..910efb1a97 100644 --- a/drivers/crypto/ipsec_mb/ipsec_mb_ops.c +++ b/drivers/crypto/ipsec_mb/ipsec_mb_ops.c @@ -11,8 +11,6 @@ #include "ipsec_mb_private.h" -#define IMB_MP_REQ_VER_STR "1.1.0" - /** Configure device */ int ipsec_mb_config(__rte_unused struct rte_cryptodev *dev, @@ -147,15 +145,10 @@ ipsec_mb_qp_release(struct rte_cryptodev *dev, uint16_t qp_id) if (rte_eal_process_type() == RTE_PROC_PRIMARY) { rte_ring_free(rte_ring_lookup(qp->name)); -#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM - if (qp->mb_mgr) - free_mb_mgr(qp->mb_mgr); -#else if (qp->mb_mgr_mz) { rte_memzone_free(qp->mb_mgr_mz); qp->mb_mgr = NULL; } -#endif rte_free(qp); dev->data->queue_pairs[qp_id] = NULL; } else { /* secondary process */ @@ -211,7 +204,6 @@ static struct rte_ring RING_F_SP_ENQ | RING_F_SC_DEQ); } -#if IMB_VERSION(1, 1, 0) <= IMB_VERSION_NUM static IMB_MGR * ipsec_mb_alloc_mgr_from_memzone(const struct rte_memzone **mb_mgr_mz, const char *mb_mgr_mz_name) @@ -244,7 +236,6 @@ ipsec_mb_alloc_mgr_from_memzone(const struct rte_memzone **mb_mgr_mz, } return mb_mgr; } -#endif /** Setup a queue pair */ int @@ -260,12 +251,6 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, int ret; if (rte_eal_process_type() == RTE_PROC_SECONDARY) { -#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM - IPSEC_MB_LOG(ERR, "The intel-ipsec-mb version (%s) does not support multiprocess," - "the minimum version required for this feature is %s.", - IMB_VERSION_STR, IMB_MP_REQ_VER_STR); - return -EINVAL; -#endif qp = dev->data->queue_pairs[qp_id]; if (qp == NULL) { IPSEC_MB_LOG(DEBUG, "Secondary process setting up device qp."); @@ -285,15 +270,11 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, return -ENOMEM; } -#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM - qp->mb_mgr = alloc_init_mb_mgr(); -#else char mz_name[IPSEC_MB_MAX_MZ_NAME]; snprintf(mz_name, sizeof(mz_name), "IMB_MGR_DEV_%d_QP_%d", dev->data->dev_id, qp_id); qp->mb_mgr = ipsec_mb_alloc_mgr_from_memzone(&(qp->mb_mgr_mz), mz_name); -#endif if (qp->mb_mgr == NULL) { ret = -ENOMEM; goto qp_setup_cleanup; @@ -330,14 +311,9 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, return 0; qp_setup_cleanup: -#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM - if (qp->mb_mgr) - free_mb_mgr(qp->mb_mgr); -#else if (rte_eal_process_type() == RTE_PROC_SECONDARY) return ret; rte_memzone_free(qp->mb_mgr_mz); -#endif rte_free(qp); return ret; } diff --git a/drivers/crypto/ipsec_mb/meson.build b/drivers/crypto/ipsec_mb/meson.build index 87bf965554..0c988d7411 100644 --- a/drivers/crypto/ipsec_mb/meson.build +++ b/drivers/crypto/ipsec_mb/meson.build @@ -7,7 +7,7 @@ if is_windows subdir_done() endif -IMB_required_ver = '1.0.0' +IMB_required_ver = '1.4.0' IMB_header = '#include' if arch_subdir == 'arm' IMB_header = '#include' diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c index a275ff0fe2..05dc1a039f 100644 --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c @@ -15,51 +15,6 @@ struct aesni_mb_op_buf_data { uint32_t offset; }; -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM -/** - * Calculate the authentication pre-computes - * - * @param one_block_hash Function pointer - * to calculate digest on ipad/opad - * @param ipad Inner pad output byte array - * @param opad Outer pad output byte array - * @param hkey Authentication key - * @param hkey_len Authentication key length - * @param blocksize Block size of selected hash algo - */ -static void -calculate_auth_precomputes(hash_one_block_t one_block_hash, - uint8_t *ipad, uint8_t *opad, - const uint8_t *hkey, uint16_t hkey_len, - uint16_t blocksize) -{ - uint32_t i, length; - - alignas(16) uint8_t ipad_buf[blocksize]; - alignas(16) uint8_t opad_buf[blocksize]; - - /* Setup inner and outer pads */ - memset(ipad_buf, HMAC_IPAD_VALUE, blocksize); - memset(opad_buf, HMAC_OPAD_VALUE, blocksize); - - /* XOR hash key with inner and outer pads */ - length = hkey_len > blocksize ? blocksize : hkey_len; - - for (i = 0; i < length; i++) { - ipad_buf[i] ^= hkey[i]; - opad_buf[i] ^= hkey[i]; - } - - /* Compute partial hashes */ - (*one_block_hash)(ipad_buf, ipad); - (*one_block_hash)(opad_buf, opad); - - /* Clean up stack */ - memset(ipad_buf, 0, blocksize); - memset(opad_buf, 0, blocksize); -} -#endif - static inline int is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode) { @@ -74,10 +29,6 @@ aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, struct aesni_mb_session *sess, const struct rte_crypto_sym_xform *xform) { -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - hash_one_block_t hash_oneblock_fn = NULL; - unsigned int key_larger_block_size = 0; -#endif uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 }; uint32_t auth_precompute = 1; @@ -216,13 +167,9 @@ aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, } } else if (xform->auth.key.length == 32) { sess->template_job.hash_alg = IMB_AUTH_ZUC256_EIA3_BITLEN; -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM if (sess->auth.req_digest_len != 4 && sess->auth.req_digest_len != 8 && sess->auth.req_digest_len != 16) { -#else - if (sess->auth.req_digest_len != 4) { -#endif IPSEC_MB_LOG(ERR, "Invalid digest size"); return -EINVAL; } @@ -273,24 +220,15 @@ aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, switch (xform->auth.algo) { case RTE_CRYPTO_AUTH_MD5_HMAC: sess->template_job.hash_alg = IMB_AUTH_MD5; -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - hash_oneblock_fn = mb_mgr->md5_one_block; -#endif break; case RTE_CRYPTO_AUTH_SHA1_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1; -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - hash_oneblock_fn = mb_mgr->sha1_one_block; -#endif if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_1)) { IMB_SHA1(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - key_larger_block_size = 1; -#endif } break; case RTE_CRYPTO_AUTH_SHA1: @@ -299,18 +237,12 @@ aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, break; case RTE_CRYPTO_AUTH_SHA224_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224; -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - hash_oneblock_fn = mb_mgr->sha224_one_block; -#endif if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_224)) { IMB_SHA224(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - key_larger_block_size = 1; -#endif } break; case RTE_CRYPTO_AUTH_SHA224: @@ -319,18 +251,12 @@ aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, break; case RTE_CRYPTO_AUTH_SHA256_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256; -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - hash_oneblock_fn = mb_mgr->sha256_one_block; -#endif if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_256)) { IMB_SHA256(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - key_larger_block_size = 1; -#endif } break; case RTE_CRYPTO_AUTH_SHA256: @@ -339,18 +265,12 @@ aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, break; case RTE_CRYPTO_AUTH_SHA384_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384; -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - hash_oneblock_fn = mb_mgr->sha384_one_block; -#endif if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_384)) { IMB_SHA384(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - key_larger_block_size = 1; -#endif } break; case RTE_CRYPTO_AUTH_SHA384: @@ -359,18 +279,12 @@ aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, break; case RTE_CRYPTO_AUTH_SHA512_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512; -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - hash_oneblock_fn = mb_mgr->sha512_one_block; -#endif if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_512)) { IMB_SHA512(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - key_larger_block_size = 1; -#endif } break; case RTE_CRYPTO_AUTH_SHA512: @@ -412,25 +326,9 @@ aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, return 0; /* Calculate Authentication precomputes */ -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM - imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg, - xform->auth.key.data, xform->auth.key.length, - sess->auth.pads.inner, sess->auth.pads.outer); -#else - if (key_larger_block_size) { - calculate_auth_precomputes(hash_oneblock_fn, - sess->auth.pads.inner, sess->auth.pads.outer, - hashed_key, - xform->auth.key.length, - get_auth_algo_blocksize(sess->template_job.hash_alg)); - } else { - calculate_auth_precomputes(hash_oneblock_fn, - sess->auth.pads.inner, sess->auth.pads.outer, - xform->auth.key.data, - xform->auth.key.length, - get_auth_algo_blocksize(sess->template_job.hash_alg)); - } -#endif + imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg, + xform->auth.key.data, xform->auth.key.length, + sess->auth.pads.inner, sess->auth.pads.outer); sess->template_job.u.HMAC._hashed_auth_key_xor_ipad = sess->auth.pads.inner; sess->template_job.u.HMAC._hashed_auth_key_xor_opad = @@ -915,11 +813,9 @@ aesni_mb_session_configure(IMB_MGR *mb_mgr, } } -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM sess->session_id = imb_set_session(mb_mgr, &sess->template_job); sess->pid = getpid(); RTE_PER_LCORE(pid) = sess->pid; -#endif return 0; } @@ -1052,9 +948,7 @@ aesni_mb_set_docsis_sec_session_parameters( goto error_exit; } -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM ipsec_sess->session_id = imb_set_session(mb_mgr, &ipsec_sess->template_job); -#endif error_exit: free_mb_mgr(mb_mgr); @@ -1309,7 +1203,6 @@ imb_lib_support_sgl_algo(IMB_CIPHER_MODE alg) return 0; } -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM static inline int single_sgl_job(IMB_JOB *job, struct rte_crypto_op *op, int oop, uint32_t offset, struct rte_mbuf *m_src, @@ -1394,7 +1287,6 @@ single_sgl_job(IMB_JOB *job, struct rte_crypto_op *op, job->sgl_io_segs = sgl_segs; return 0; } -#endif static inline int multi_sgl_job(IMB_JOB *job, struct rte_crypto_op *op, @@ -1464,9 +1356,7 @@ set_gcm_job(IMB_MGR *mb_mgr, IMB_JOB *job, const uint8_t sgl, job->msg_len_to_hash_in_bytes = 0; job->msg_len_to_cipher_in_bytes = 0; job->cipher_start_src_offset_in_bytes = 0; -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM imb_set_session(mb_mgr, job); -#endif } else { job->hash_start_src_offset_in_bytes = op->sym->aead.data.offset; @@ -1494,13 +1384,11 @@ set_gcm_job(IMB_MGR *mb_mgr, IMB_JOB *job, const uint8_t sgl, job->src = NULL; job->dst = NULL; -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM if (m_src->nb_segs <= MAX_NUM_SEGS) return single_sgl_job(job, op, oop, m_offset, m_src, m_dst, qp_data->sgl_segs); else -#endif return multi_sgl_job(job, op, oop, m_offset, m_src, m_dst, mb_mgr); } else { @@ -1590,10 +1478,6 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp, uint8_t sgl = 0; uint8_t lb_sgl = 0; -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM - (void) pid; -#endif - session = ipsec_mb_get_session_private(qp, op); if (session == NULL) { op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION; @@ -1603,12 +1487,10 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp, const IMB_CIPHER_MODE cipher_mode = session->template_job.cipher_mode; -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM if (session->pid != pid) { memcpy(job, &session->template_job, sizeof(IMB_JOB)); imb_set_session(mb_mgr, job); } else if (job->session_id != session->session_id) -#endif memcpy(job, &session->template_job, sizeof(IMB_JOB)); if (!op->sym->m_dst) { @@ -1649,9 +1531,7 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp, job->u.GCM.ctx = &qp_data->gcm_sgl_ctx; job->cipher_mode = IMB_CIPHER_GCM_SGL; job->hash_alg = IMB_AUTH_GCM_SGL; -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM imb_set_session(mb_mgr, job); -#endif } break; case IMB_AUTH_AES_GMAC_128: @@ -1676,9 +1556,7 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp, job->u.CHACHA20_POLY1305.ctx = &qp_data->chacha_sgl_ctx; job->cipher_mode = IMB_CIPHER_CHACHA20_POLY1305_SGL; job->hash_alg = IMB_AUTH_CHACHA20_POLY1305_SGL; -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM imb_set_session(mb_mgr, job); -#endif } break; default: @@ -1874,13 +1752,11 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp, if (lb_sgl) return handle_sgl_linear(job, op, m_offset, session); -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM if (m_src->nb_segs <= MAX_NUM_SEGS) return single_sgl_job(job, op, oop, m_offset, m_src, m_dst, qp_data->sgl_segs); else -#endif return multi_sgl_job(job, op, oop, m_offset, m_src, m_dst, mb_mgr); } @@ -2200,7 +2076,6 @@ set_job_null_op(IMB_JOB *job, struct rte_crypto_op *op) return job; } -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM uint16_t aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops, uint16_t nb_ops) @@ -2333,144 +2208,7 @@ aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops, return processed_jobs; } -#else - -/** - * Process a completed IMB_JOB job and keep processing jobs until - * get_completed_job return NULL - * - * @param qp Queue Pair to process - * @param mb_mgr IMB_MGR to use - * @param job IMB_JOB job - * @param ops crypto ops to fill - * @param nb_ops number of crypto ops - * - * @return - * - Number of processed jobs - */ -static unsigned -handle_completed_jobs(struct ipsec_mb_qp *qp, IMB_MGR *mb_mgr, - IMB_JOB *job, struct rte_crypto_op **ops, - uint16_t nb_ops) -{ - struct rte_crypto_op *op = NULL; - uint16_t processed_jobs = 0; - - while (job != NULL) { - op = post_process_mb_job(qp, job); - - if (op) { - ops[processed_jobs++] = op; - qp->stats.dequeued_count++; - } else { - qp->stats.dequeue_err_count++; - break; - } - if (processed_jobs == nb_ops) - break; - - job = IMB_GET_COMPLETED_JOB(mb_mgr); - } - - return processed_jobs; -} - -static inline uint16_t -flush_mb_mgr(struct ipsec_mb_qp *qp, IMB_MGR *mb_mgr, - struct rte_crypto_op **ops, uint16_t nb_ops) -{ - int processed_ops = 0; - - /* Flush the remaining jobs */ - IMB_JOB *job = IMB_FLUSH_JOB(mb_mgr); - - if (job) - processed_ops += handle_completed_jobs(qp, mb_mgr, job, - &ops[processed_ops], nb_ops - processed_ops); - - return processed_ops; -} - -uint16_t -aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops, - uint16_t nb_ops) -{ - struct ipsec_mb_qp *qp = queue_pair; - IMB_MGR *mb_mgr = qp->mb_mgr; - struct rte_crypto_op *op; - IMB_JOB *job; - int retval, processed_jobs = 0; - pid_t pid = 0; - - if (unlikely(nb_ops == 0 || mb_mgr == NULL)) - return 0; - - uint8_t digest_idx = qp->digest_idx; - do { - /* Get next free mb job struct from mb manager */ - job = IMB_GET_NEXT_JOB(mb_mgr); - if (unlikely(job == NULL)) { - /* if no free mb job structs we need to flush mb_mgr */ - processed_jobs += flush_mb_mgr(qp, mb_mgr, - &ops[processed_jobs], - nb_ops - processed_jobs); - - if (nb_ops == processed_jobs) - break; - - job = IMB_GET_NEXT_JOB(mb_mgr); - } - - /* - * Get next operation to process from ingress queue. - * There is no need to return the job to the IMB_MGR - * if there are no more operations to process, since the IMB_MGR - * can use that pointer again in next get_next calls. - */ - retval = rte_ring_dequeue(qp->ingress_queue, (void **)&op); - if (retval < 0) - break; - - if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) - retval = set_sec_mb_job_params(job, qp, op, - &digest_idx); - else - retval = set_mb_job_params(job, qp, op, - &digest_idx, mb_mgr, pid); - - if (unlikely(retval != 0)) { - qp->stats.dequeue_err_count++; - set_job_null_op(job, op); - } - - /* Submit job to multi-buffer for processing */ -#ifdef RTE_LIBRTE_PMD_AESNI_MB_DEBUG - job = IMB_SUBMIT_JOB(mb_mgr); -#else - job = IMB_SUBMIT_JOB_NOCHECK(mb_mgr); -#endif - /* - * If submit returns a processed job then handle it, - * before submitting subsequent jobs - */ - if (job) - processed_jobs += handle_completed_jobs(qp, mb_mgr, - job, &ops[processed_jobs], - nb_ops - processed_jobs); - - } while (processed_jobs < nb_ops); - - qp->digest_idx = digest_idx; - - if (processed_jobs < 1) - processed_jobs += flush_mb_mgr(qp, mb_mgr, - &ops[processed_jobs], - nb_ops - processed_jobs); - - return processed_jobs; -} -#endif static inline int check_crypto_sgl(union rte_crypto_sym_ofs so, const struct rte_crypto_sgl *sgl) { diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h index 6120a2f62d..468a1f35eb 100644 --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h @@ -17,9 +17,7 @@ #define HMAC_IPAD_VALUE (0x36) #define HMAC_OPAD_VALUE (0x5C) -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM #define MAX_NUM_SEGS 16 -#endif int aesni_mb_session_configure(IMB_MGR * m __rte_unused, void *priv_sess, @@ -580,13 +578,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = { }, .digest_size = { .min = 4, -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM .max = 16, .increment = 4 -#else - .max = 4, - .increment = 0 -#endif }, .iv_size = { .min = 16, @@ -843,9 +836,7 @@ struct aesni_mb_qp_data { * by the driver when verifying a digest provided * by the user (using authentication verify operation) */ -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM struct IMB_SGL_IOV sgl_segs[MAX_NUM_SEGS]; -#endif union { struct gcm_context_data gcm_sgl_ctx; struct chacha20_poly1305_context_data chacha_sgl_ctx; -- 2.25.1