[PATCH 01/15] crypto/dpaa2_sec: fix fle buffer leak

[PATCH 01/15] crypto/dpaa2_sec: fix fle buffer leak

[Gagandeep Singh]

Driver allocates a fle buffer for each packet
before enqueue and free the buffer on dequeue. But in case if
there are enqueue failures, then code should free the fle buffers.

Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 35 ++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index e62d04852b..03fef5e500 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2021 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 
@@ -64,6 +64,27 @@ enum dpaa2_sec_dump_levels {
 uint8_t cryptodev_driver_id;
 uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP;
 
+static inline void
+free_fle(const struct qbman_fd *fd)
+{
+	struct qbman_fle *fle;
+	struct rte_crypto_op *op;
+	struct ctxt_priv *priv;
+
+#ifdef RTE_LIB_SECURITY
+	if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single)
+		return;
+#endif
+	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
+	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
+	/* free the fle memory */
+	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) {
+		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
+		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
+	} else
+		rte_free((void *)(fle-1));
+}
+
 #ifdef RTE_LIB_SECURITY
 static inline int
 build_proto_compound_sg_fd(dpaa2_sec_session *sess,
@@ -1513,6 +1534,12 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
@@ -1854,6 +1881,12 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
-- 
2.25.1

[PATCH 02/15] crypto/dpaa2_sec: fix buffer pool ID check

[Gagandeep Singh]

Simple fd rely on bpid of the buffers whereas
other FD types can support buffers without bpid
of pool.

So moving the bpid check to simple fd to mbuf
conversion function.

Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 03fef5e500..2374d67978 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1566,6 +1566,10 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	int16_t diff = 0;
 	dpaa2_sec_session *sess_priv __rte_unused;
 
+	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
+		DPAA2_SEC_ERR("error: non inline buffer");
+		return NULL;
+	}
 	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
 		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size);
@@ -1612,11 +1616,6 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 	 * We can have a better approach to use the inline Mbuf
 	 */
 
-	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
-		/* TODO complete it. */
-		DPAA2_SEC_ERR("error: non inline buffer");
-		return NULL;
-	}
 	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
 
 	/* Prefeth op */
-- 
2.25.1

[PATCH 03/15] crypto/dpaa_sec: fix length for chain fd in raw sec driver

[Gagandeep Singh]

DPAA sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: 78156d38e112 ("crypto/dpaa_sec: support authonly and chain with raw API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
index 522685f8cf..29f4e6d40b 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <rte_byteorder.h>
@@ -397,8 +397,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 	unsigned int i;
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int data_len = 0, auth_len = 0, cipher_len = 0;
 
 	for (i = 0; i < sgl->num; i++)
@@ -406,6 +406,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 
 	if (sgl->num > MAX_SG_ENTRIES) {
 		DPAA_SEC_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
@@ -448,6 +450,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, dest_sgl->vec[i].iova);
 			sg->length = dest_sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	} else {
 		qm_sg_entry_set64(sg, sgl->vec[0].iova);
 		sg->length = sgl->vec[0].len - ofs.ofs.cipher.head;
@@ -460,6 +463,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, sgl->vec[i].iova);
 			sg->length = sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (is_encode(ses)) {
-- 
2.25.1

[PATCH 04/15] crypto/dpaa2_sec: fix length for chain fd in raw sec driver

[Gagandeep Singh]

DPAA2 sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: aa6ec1fd8443 ("crypto/dpaa2_sec: support authenc with raw buffer API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
index 74f2045637..e68a4875dd 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <cryptodev_pmd.h>
@@ -44,8 +44,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
 
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int icv_len = sess->digest_length;
 	uint8_t *old_icv;
 	uint8_t *iv_ptr = iv->va;
@@ -55,6 +55,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 	/* first FLE entry used to store session ctxt */
 	fle = (struct qbman_fle *)rte_malloc(NULL,
 			FLE_SG_MEM_SIZE(2 * sgl->num),
@@ -104,6 +106,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = dest_sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	} else {
 		/* Configure Output SGE for Encap/Decap */
 		DPAA2_SET_FLE_ADDR(sge, sgl->vec[0].iova);
@@ -117,6 +120,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (sess->dir == DIR_ENC) {
-- 
2.25.1

[PATCH 09/15] crypto/dpaa_sec : fix secondary process probe

[Gagandeep Singh]

From: Vanshika Shukla <vanshika.shukla@nxp.com>

DPAA hardware supports non-i/o performing secondary
applications only. So we do not have to probe crypto
devices in secondary applications.

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org

Signed-off-by: Vanshika Shukla <vanshika.shukla@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 23a94d7e41..6f2b4baf57 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -3766,23 +3766,24 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 
 	int retval;
 
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+		return 0;
+
 	snprintf(cryptodev_name, sizeof(cryptodev_name), "%s", dpaa_dev->name);
 
 	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
 	if (cryptodev == NULL)
 		return -ENOMEM;
 
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
-		cryptodev->data->dev_private = rte_zmalloc_socket(
-					"cryptodev private structure",
-					sizeof(struct dpaa_sec_dev_private),
-					RTE_CACHE_LINE_SIZE,
-					rte_socket_id());
+	cryptodev->data->dev_private = rte_zmalloc_socket(
+				"cryptodev private structure",
+				sizeof(struct dpaa_sec_dev_private),
+				RTE_CACHE_LINE_SIZE,
+				rte_socket_id());
 
-		if (cryptodev->data->dev_private == NULL)
-			rte_panic("Cannot allocate memzone for private "
-					"device data");
-	}
+	if (cryptodev->data->dev_private == NULL)
+		rte_panic("Cannot allocate memzone for private "
+				"device data");
 
 	dpaa_dev->crypto_dev = cryptodev;
 	cryptodev->device = &dpaa_dev->device;
@@ -3824,8 +3825,7 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 	retval = -ENXIO;
 out:
 	/* In case of error, cleanup is done */
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
-		rte_free(cryptodev->data->dev_private);
+	rte_free(cryptodev->data->dev_private);
 
 	rte_cryptodev_pmd_release_device(cryptodev);
 
-- 
2.25.1

[PATCH 11/15] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues

[Gagandeep Singh]

From: Akhil Goyal <akhil.goyal@oss.nxp.com>

Driver is filling the crypto_op variable with an invalid value
which can results into segmentation fault.

This patch assigning the correct crypto_op and event buffer
pointers by extracting from FD.

Fixes: a77db24643b7 ("crypto/dpaa2_sec: support atomic queues")
Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
Cc: stable@dpdk.org

Signed-off-by: Akhil Goyal <akhil.goyal@oss.nxp.com>
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 86c8df241b..9f2b384af9 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -4019,7 +4019,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 {
 	uint8_t dqrr_index;
 	struct dpaa2_sec_qp *qp;
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size));
@@ -4036,12 +4036,13 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
 
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 	dqrr_index = qbman_get_dqrr_idx(dq);
 	*dpaa2_seqn(crypto_op->sym->m_src) = QBMAN_ENQUEUE_FLAG_DCA | dqrr_index;
 	DPAA2_PER_LCORE_DQRR_SIZE++;
 	DPAA2_PER_LCORE_DQRR_HELD |= 1 << dqrr_index;
 	DPAA2_PER_LCORE_DQRR_MBUF(dqrr_index) = crypto_op->sym->m_src;
+	ev->event_ptr = crypto_op;
 }
 
 static void __rte_hot
@@ -4051,7 +4052,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 				struct dpaa2_queue *rxq,
 				struct rte_event *ev)
 {
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	struct dpaa2_sec_qp *qp;
 
 	/* Prefetching mbuf */
@@ -4069,7 +4070,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 
 	*dpaa2_seqn(crypto_op->sym->m_src) = DPAA2_ENQUEUE_FLAG_ORP;
 	*dpaa2_seqn(crypto_op->sym->m_src) |= qbman_result_DQ_odpid(dq) <<
@@ -4078,6 +4079,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 		DPAA2_EQCR_SEQNUM_SHIFT;
 
 	qbman_swp_dqrr_consume(swp, dq);
+	ev->event_ptr = crypto_op;
 }
 
 int
-- 
2.25.1

RE: [PATCH 11/15] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues

[Hemant Agrawal]

Replace Akhil with your name. 

> -----Original Message-----
> From: Gagandeep Singh <G.Singh@nxp.com>
> Sent: Thursday, April 21, 2022 5:31 PM
> To: dpdk-up <dpdk-up@NXP1.onmicrosoft.com>
> Cc: Akhil Goyal (OSS) <akhil.goyal@oss.nxp.com>; stable@dpdk.org;
> Gagandeep Singh <G.Singh@nxp.com>
> Subject: [PATCH 11/15] crypto/dpaa2_sec: fix crypto op pointer for atomic
> and ordered queues
> 
> From: Akhil Goyal <akhil.goyal@oss.nxp.com>
> 
> Driver is filling the crypto_op variable with an invalid value which can results
> into segmentation fault.
> 
> This patch assigning the correct crypto_op and event buffer pointers by
> extracting from FD.
> 
> Fixes: a77db24643b7 ("crypto/dpaa2_sec: support atomic queues")
> Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Akhil Goyal <akhil.goyal@oss.nxp.com>
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> ---
>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 10 ++++++----
>  1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> index 86c8df241b..9f2b384af9 100644
> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> @@ -4019,7 +4019,7 @@ dpaa2_sec_process_atomic_event(struct
> qbman_swp *swp __rte_unused,  {
>  	uint8_t dqrr_index;
>  	struct dpaa2_sec_qp *qp;
> -	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev-
> >event_ptr;
> +	struct rte_crypto_op *crypto_op;
>  	/* Prefetching mbuf */
>  	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
> 
> 	rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size));
> @@ -4036,12 +4036,13 @@ dpaa2_sec_process_atomic_event(struct
> qbman_swp *swp __rte_unused,
>  	ev->queue_id = rxq->ev.queue_id;
>  	ev->priority = rxq->ev.priority;
> 
> -	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
> +	crypto_op = sec_fd_to_mbuf(fd, qp);
>  	dqrr_index = qbman_get_dqrr_idx(dq);
>  	*dpaa2_seqn(crypto_op->sym->m_src) =
> QBMAN_ENQUEUE_FLAG_DCA | dqrr_index;
>  	DPAA2_PER_LCORE_DQRR_SIZE++;
>  	DPAA2_PER_LCORE_DQRR_HELD |= 1 << dqrr_index;
>  	DPAA2_PER_LCORE_DQRR_MBUF(dqrr_index) = crypto_op->sym-
> >m_src;
> +	ev->event_ptr = crypto_op;
>  }
> 
>  static void __rte_hot
> @@ -4051,7 +4052,7 @@ dpaa2_sec_process_ordered_event(struct
> qbman_swp *swp,
>  				struct dpaa2_queue *rxq,
>  				struct rte_event *ev)
>  {
> -	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev-
> >event_ptr;
> +	struct rte_crypto_op *crypto_op;
>  	struct dpaa2_sec_qp *qp;
> 
>  	/* Prefetching mbuf */
> @@ -4069,7 +4070,7 @@ dpaa2_sec_process_ordered_event(struct
> qbman_swp *swp,
>  	ev->sched_type = rxq->ev.sched_type;
>  	ev->queue_id = rxq->ev.queue_id;
>  	ev->priority = rxq->ev.priority;
> -	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
> +	crypto_op = sec_fd_to_mbuf(fd, qp);
> 
>  	*dpaa2_seqn(crypto_op->sym->m_src) =
> DPAA2_ENQUEUE_FLAG_ORP;
>  	*dpaa2_seqn(crypto_op->sym->m_src) |=
> qbman_result_DQ_odpid(dq) << @@ -4078,6 +4079,7 @@
> dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
>  		DPAA2_EQCR_SEQNUM_SHIFT;
> 
>  	qbman_swp_dqrr_consume(swp, dq);
> +	ev->event_ptr = crypto_op;
>  }
> 
>  int
> --
> 2.25.1

[PATCH 12/15] crypto/dpaa2_sec: fix operation status for simple fd

[Gagandeep Singh]

Driver is not filling the operation status on dequeue
in case the FD is simple.

So setting the status as per the results.

Fixes: 0a23d4b6f4c2 ("crypto/dpaa2_sec: support protocol offload IPsec")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 9f2b384af9..8444f1a795 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1591,6 +1591,14 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	else
 		mbuf->data_off += SEC_FLC_DHR_INBOUND;
 
+	if (unlikely(fd->simple.frc)) {
+		DPAA2_SEC_ERR("SEC returned Error - %x",
+				fd->simple.frc);
+		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	} else {
+		op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+	}
+
 	return op;
 }
 #endif
-- 
2.25.1

[PATCH 15/15] common/dpaax: fix short MAC-I IV calculation for zuc

[Gagandeep Singh]

Fixing the IV caluclation for zuc based short MAC-I
as per the HW security engine guidelines.

Fixes: 73a24060cd70 ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/pdcp.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h
index 46153b9c29..289ee2a7d5 100644
--- a/drivers/common/dpaax/caamflib/desc/pdcp.h
+++ b/drivers/common/dpaax/caamflib/desc/pdcp.h
@@ -3066,7 +3066,7 @@ cnstr_shdsc_pdcp_short_mac(uint32_t *descbuf,
 
 	case PDCP_AUTH_TYPE_ZUC:
 		iv[0] = 0xFFFFFFFF;
-		iv[1] = swap ? swab32(0xFC000000) : 0xFC000000;
+		iv[1] = swab32(0xFC000000);
 		iv[2] = 0x00000000; /* unused */
 
 		KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
-- 
2.25.1