patches for DPDK stable branches
 help / color / mirror / Atom feed
* [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
@ 2022-04-22  3:50 Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
                   ` (8 more replies)
  0 siblings, 9 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver allocates a fle buffer for each packet
before enqueue and free the buffer on dequeue. But in case if
there are enqueue failures, then code should free the fle buffers.

Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 35 ++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index e62d04852b..03fef5e500 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2021 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 
@@ -64,6 +64,27 @@ enum dpaa2_sec_dump_levels {
 uint8_t cryptodev_driver_id;
 uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP;
 
+static inline void
+free_fle(const struct qbman_fd *fd)
+{
+	struct qbman_fle *fle;
+	struct rte_crypto_op *op;
+	struct ctxt_priv *priv;
+
+#ifdef RTE_LIB_SECURITY
+	if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single)
+		return;
+#endif
+	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
+	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
+	/* free the fle memory */
+	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) {
+		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
+		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
+	} else
+		rte_free((void *)(fle-1));
+}
+
 #ifdef RTE_LIB_SECURITY
 static inline int
 build_proto_compound_sg_fd(dpaa2_sec_session *sess,
@@ -1513,6 +1534,12 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
@@ -1854,6 +1881,12 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 03/14] crypto/dpaa_sec: fix length for chain fd in raw sec driver Gagandeep Singh
                   ` (7 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Simple fd rely on bpid of the buffers whereas
other FD types can support buffers without bpid
of pool.

So moving the bpid check to simple fd to mbuf
conversion function.

Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 03fef5e500..2374d67978 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1566,6 +1566,10 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	int16_t diff = 0;
 	dpaa2_sec_session *sess_priv __rte_unused;
 
+	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
+		DPAA2_SEC_ERR("error: non inline buffer");
+		return NULL;
+	}
 	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
 		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size);
@@ -1612,11 +1616,6 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 	 * We can have a better approach to use the inline Mbuf
 	 */
 
-	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
-		/* TODO complete it. */
-		DPAA2_SEC_ERR("error: non inline buffer");
-		return NULL;
-	}
 	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
 
 	/* Prefeth op */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH 03/14] crypto/dpaa_sec: fix length for chain fd in raw sec driver
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 04/14] crypto/dpaa2_sec: " Gagandeep Singh
                   ` (6 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

DPAA sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: 78156d38e112 ("crypto/dpaa_sec: support authonly and chain with raw API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
index 522685f8cf..29f4e6d40b 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <rte_byteorder.h>
@@ -397,8 +397,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 	unsigned int i;
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int data_len = 0, auth_len = 0, cipher_len = 0;
 
 	for (i = 0; i < sgl->num; i++)
@@ -406,6 +406,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 
 	if (sgl->num > MAX_SG_ENTRIES) {
 		DPAA_SEC_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
@@ -448,6 +450,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, dest_sgl->vec[i].iova);
 			sg->length = dest_sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	} else {
 		qm_sg_entry_set64(sg, sgl->vec[0].iova);
 		sg->length = sgl->vec[0].len - ofs.ofs.cipher.head;
@@ -460,6 +463,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, sgl->vec[i].iova);
 			sg->length = sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (is_encode(ses)) {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH 04/14] crypto/dpaa2_sec: fix length for chain fd in raw sec driver
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 03/14] crypto/dpaa_sec: fix length for chain fd in raw sec driver Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 08/14] crypto/dpaa_sec : fix secondary process probe Gagandeep Singh
                   ` (5 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

DPAA2 sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: aa6ec1fd8443 ("crypto/dpaa2_sec: support authenc with raw buffer API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
index 74f2045637..e68a4875dd 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <cryptodev_pmd.h>
@@ -44,8 +44,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
 
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int icv_len = sess->digest_length;
 	uint8_t *old_icv;
 	uint8_t *iv_ptr = iv->va;
@@ -55,6 +55,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 	/* first FLE entry used to store session ctxt */
 	fle = (struct qbman_fle *)rte_malloc(NULL,
 			FLE_SG_MEM_SIZE(2 * sgl->num),
@@ -104,6 +106,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = dest_sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	} else {
 		/* Configure Output SGE for Encap/Decap */
 		DPAA2_SET_FLE_ADDR(sge, sgl->vec[0].iova);
@@ -117,6 +120,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (sess->dir == DIR_ENC) {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH 08/14] crypto/dpaa_sec : fix secondary process probe
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (2 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 04/14] crypto/dpaa2_sec: " Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 10/14] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues Gagandeep Singh
                   ` (4 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Vanshika Shukla, stable

From: Vanshika Shukla <vanshika.shukla@nxp.com>

DPAA hardware supports non-i/o performing secondary
applications only. So we do not have to probe crypto
devices in secondary applications.

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org

Signed-off-by: Vanshika Shukla <vanshika.shukla@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 23a94d7e41..6f2b4baf57 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -3766,23 +3766,24 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 
 	int retval;
 
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+		return 0;
+
 	snprintf(cryptodev_name, sizeof(cryptodev_name), "%s", dpaa_dev->name);
 
 	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
 	if (cryptodev == NULL)
 		return -ENOMEM;
 
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
-		cryptodev->data->dev_private = rte_zmalloc_socket(
-					"cryptodev private structure",
-					sizeof(struct dpaa_sec_dev_private),
-					RTE_CACHE_LINE_SIZE,
-					rte_socket_id());
+	cryptodev->data->dev_private = rte_zmalloc_socket(
+				"cryptodev private structure",
+				sizeof(struct dpaa_sec_dev_private),
+				RTE_CACHE_LINE_SIZE,
+				rte_socket_id());
 
-		if (cryptodev->data->dev_private == NULL)
-			rte_panic("Cannot allocate memzone for private "
-					"device data");
-	}
+	if (cryptodev->data->dev_private == NULL)
+		rte_panic("Cannot allocate memzone for private "
+				"device data");
 
 	dpaa_dev->crypto_dev = cryptodev;
 	cryptodev->device = &dpaa_dev->device;
@@ -3824,8 +3825,7 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 	retval = -ENXIO;
 out:
 	/* In case of error, cleanup is done */
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
-		rte_free(cryptodev->data->dev_private);
+	rte_free(cryptodev->data->dev_private);
 
 	rte_cryptodev_pmd_release_device(cryptodev);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH 10/14] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (3 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 08/14] crypto/dpaa_sec : fix secondary process probe Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:50 ` [PATCH 11/14] crypto/dpaa2_sec: fix operation status for simple fd Gagandeep Singh
                   ` (3 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver is filling the crypto_op variable with an invalid value
which can results into segmentation fault.

This patch assigning the correct crypto_op and event buffer
pointers by extracting from FD.

Fixes: a77db24643b7 ("crypto/dpaa2_sec: support atomic queues")
Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 86c8df241b..9f2b384af9 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -4019,7 +4019,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 {
 	uint8_t dqrr_index;
 	struct dpaa2_sec_qp *qp;
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size));
@@ -4036,12 +4036,13 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
 
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 	dqrr_index = qbman_get_dqrr_idx(dq);
 	*dpaa2_seqn(crypto_op->sym->m_src) = QBMAN_ENQUEUE_FLAG_DCA | dqrr_index;
 	DPAA2_PER_LCORE_DQRR_SIZE++;
 	DPAA2_PER_LCORE_DQRR_HELD |= 1 << dqrr_index;
 	DPAA2_PER_LCORE_DQRR_MBUF(dqrr_index) = crypto_op->sym->m_src;
+	ev->event_ptr = crypto_op;
 }
 
 static void __rte_hot
@@ -4051,7 +4052,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 				struct dpaa2_queue *rxq,
 				struct rte_event *ev)
 {
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	struct dpaa2_sec_qp *qp;
 
 	/* Prefetching mbuf */
@@ -4069,7 +4070,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 
 	*dpaa2_seqn(crypto_op->sym->m_src) = DPAA2_ENQUEUE_FLAG_ORP;
 	*dpaa2_seqn(crypto_op->sym->m_src) |= qbman_result_DQ_odpid(dq) <<
@@ -4078,6 +4079,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 		DPAA2_EQCR_SEQNUM_SHIFT;
 
 	qbman_swp_dqrr_consume(swp, dq);
+	ev->event_ptr = crypto_op;
 }
 
 int
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH 11/14] crypto/dpaa2_sec: fix operation status for simple fd
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (4 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 10/14] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues Gagandeep Singh
@ 2022-04-22  3:50 ` Gagandeep Singh
  2022-04-22  3:51 ` [PATCH 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
                   ` (2 subsequent siblings)
  8 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:50 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver is not filling the operation status on dequeue
in case the FD is simple.

So setting the status as per the results.

Fixes: 0a23d4b6f4c2 ("crypto/dpaa2_sec: support protocol offload IPsec")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 9f2b384af9..8444f1a795 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1591,6 +1591,14 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	else
 		mbuf->data_off += SEC_FLC_DHR_INBOUND;
 
+	if (unlikely(fd->simple.frc)) {
+		DPAA2_SEC_ERR("SEC returned Error - %x",
+				fd->simple.frc);
+		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	} else {
+		op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+	}
+
 	return op;
 }
 #endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH 14/14] common/dpaax: fix short MAC-I IV calculation for zuc
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (5 preceding siblings ...)
  2022-04-22  3:50 ` [PATCH 11/14] crypto/dpaa2_sec: fix operation status for simple fd Gagandeep Singh
@ 2022-04-22  3:51 ` Gagandeep Singh
  2022-04-28  7:15 ` [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Akhil Goyal
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
  8 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-22  3:51 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Fixing the IV caluclation for zuc based short MAC-I
as per the HW security engine guidelines.

Fixes: 73a24060cd70 ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/pdcp.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h
index 46153b9c29..289ee2a7d5 100644
--- a/drivers/common/dpaax/caamflib/desc/pdcp.h
+++ b/drivers/common/dpaax/caamflib/desc/pdcp.h
@@ -3066,7 +3066,7 @@ cnstr_shdsc_pdcp_short_mac(uint32_t *descbuf,
 
 	case PDCP_AUTH_TYPE_ZUC:
 		iv[0] = 0xFFFFFFFF;
-		iv[1] = swap ? swab32(0xFC000000) : 0xFC000000;
+		iv[1] = swab32(0xFC000000);
 		iv[2] = 0x00000000; /* unused */
 
 		KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* RE: [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
  2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
                   ` (6 preceding siblings ...)
  2022-04-22  3:51 ` [PATCH 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
@ 2022-04-28  7:15 ` Akhil Goyal
  2022-04-28  9:23   ` Gagandeep Singh
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
  8 siblings, 1 reply; 19+ messages in thread
From: Akhil Goyal @ 2022-04-28  7:15 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: stable

> Driver allocates a fle buffer for each packet
> before enqueue and free the buffer on dequeue. But in case if
> there are enqueue failures, then code should free the fle buffers.
> 
> Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> ---

You should use check-git-log
$ ./devtools/check-git-log.sh -14
Wrong headline format:
        crypto/dpaa_sec : fix secondary process probe
Wrong headline prefix:
        dpaax/caamflib: remove obsolete code
        crypto/dpaa2_sec: per queue pair fle pool
        crypto/dpaa_sec: remove unused thread specific variables
Wrong headline case:
                        "crypto/dpaa_sec: fix length for chain fd in raw sec driver": fd --> FD
Wrong headline case:
                        "crypto/dpaa2_sec: fix length for chain fd in raw sec driver": fd --> FD
Wrong headline case:
                        "crypto/dpaa2_sec: fix operation status for simple fd": fd --> FD
Headline too long:
        crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues
Wrong 'Fixes' reference:
        Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")

Invalid patch(es) found - checked 14 patches

^ permalink raw reply	[flat|nested] 19+ messages in thread

* RE: [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
  2022-04-28  7:15 ` [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Akhil Goyal
@ 2022-04-28  9:23   ` Gagandeep Singh
  2022-04-28  9:29     ` Akhil Goyal
  0 siblings, 1 reply; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28  9:23 UTC (permalink / raw)
  To: Akhil Goyal, dev; +Cc: stable

Hi,

> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Thursday, April 28, 2022 12:46 PM
> To: Gagandeep Singh <G.Singh@nxp.com>; dev@dpdk.org
> Cc: stable@dpdk.org
> Subject: RE: [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
> 
> > Driver allocates a fle buffer for each packet before enqueue and free
> > the buffer on dequeue. But in case if there are enqueue failures, then
> > code should free the fle buffers.
> >
> > Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
> > ---
> 
> You should use check-git-log
> $ ./devtools/check-git-log.sh -14
> Wrong headline format:
>         crypto/dpaa_sec : fix secondary process probe Wrong headline prefix:
>         dpaax/caamflib: remove obsolete code
>         crypto/dpaa2_sec: per queue pair fle pool
>         crypto/dpaa_sec: remove unused thread specific variables Wrong headline
> case:
>                         "crypto/dpaa_sec: fix length for chain fd in raw sec driver": fd -->
> FD Wrong headline case:
>                         "crypto/dpaa2_sec: fix length for chain fd in raw sec driver": fd -->
> FD Wrong headline case:
>                         "crypto/dpaa2_sec: fix operation status for simple fd": fd --> FD
> Headline too long:
>         crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues
> Wrong 'Fixes' reference:
>         Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
> 
> Invalid patch(es) found - checked 14 patches

In two of the patches check-git-log is giving below error:

Wrong headline prefix:
        crypto/dpaa2_sec: per queue pair fle pool
        crypto/dpaa_sec: remove unused thread specific variables

Invalid patch(es) found - checked 14 patches

These patches have changes in bus as well in crypto drivers. What would be the correct headline prefix for these patches? Please advise.

^ permalink raw reply	[flat|nested] 19+ messages in thread

* RE: [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak
  2022-04-28  9:23   ` Gagandeep Singh
@ 2022-04-28  9:29     ` Akhil Goyal
  0 siblings, 0 replies; 19+ messages in thread
From: Akhil Goyal @ 2022-04-28  9:29 UTC (permalink / raw)
  To: Gagandeep Singh, dev; +Cc: stable

> > You should use check-git-log
> > $ ./devtools/check-git-log.sh -14
> > Wrong headline format:
> >         crypto/dpaa_sec : fix secondary process probe Wrong headline prefix:
> >         dpaax/caamflib: remove obsolete code
> >         crypto/dpaa2_sec: per queue pair fle pool
> >         crypto/dpaa_sec: remove unused thread specific variables Wrong
> headline
> > case:
> >                         "crypto/dpaa_sec: fix length for chain fd in raw sec driver": fd -->
> > FD Wrong headline case:
> >                         "crypto/dpaa2_sec: fix length for chain fd in raw sec driver": fd --
> >
> > FD Wrong headline case:
> >                         "crypto/dpaa2_sec: fix operation status for simple fd": fd --> FD
> > Headline too long:
> >         crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues
> > Wrong 'Fixes' reference:
> >         Fixes: b15cbf5b2d88 ("crypto/dpaa2_sec: fix fle buffer leak")
> >
> > Invalid patch(es) found - checked 14 patches
> 
> In two of the patches check-git-log is giving below error:
> 
> Wrong headline prefix:
>         crypto/dpaa2_sec: per queue pair fle pool
>         crypto/dpaa_sec: remove unused thread specific variables
> 
> Invalid patch(es) found - checked 14 patches
> 
> These patches have changes in bus as well in crypto drivers. What would be the
> correct headline prefix for these patches? Please advise.

If the major/main change is in crypto driver, then it should be crypto/xxx or else bus/xxx

^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH v2 01/14] crypto/dpaa2_sec: fix fle buffer leak
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
                     ` (6 subsequent siblings)
  7 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver allocates a fle buffer for each packet
before enqueue and free the buffer on dequeue. But in case if
there are enqueue failures, then code should free the fle buffers.

Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
Fixes: 3ffce51a1f04 ("crypto/dpaa2_sec: add enqueue retry timeout")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 35 ++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index e62d04852b..03fef5e500 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2021 NXP
+ *   Copyright 2016-2022 NXP
  *
  */
 
@@ -64,6 +64,27 @@ enum dpaa2_sec_dump_levels {
 uint8_t cryptodev_driver_id;
 uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP;
 
+static inline void
+free_fle(const struct qbman_fd *fd)
+{
+	struct qbman_fle *fle;
+	struct rte_crypto_op *op;
+	struct ctxt_priv *priv;
+
+#ifdef RTE_LIB_SECURITY
+	if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single)
+		return;
+#endif
+	fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
+	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
+	/* free the fle memory */
+	if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) {
+		priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
+		rte_mempool_put(priv->fle_pool, (void *)(fle-1));
+	} else
+		rte_free((void *)(fle-1));
+}
+
 #ifdef RTE_LIB_SECURITY
 static inline int
 build_proto_compound_sg_fd(dpaa2_sec_session *sess,
@@ -1513,6 +1534,12 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
@@ -1854,6 +1881,12 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
 				if (retry_count > DPAA2_MAX_TX_RETRY_COUNT) {
 					num_tx += loop;
 					nb_ops -= loop;
+					DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+					/* freeing the fle buffers */
+					while (loop < frames_to_send) {
+						free_fle(&fd_arr[loop]);
+						loop++;
+					}
 					goto skip_tx;
 				}
 			} else {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH v2 02/14] crypto/dpaa2_sec: fix buffer pool ID check
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
  2022-04-28 11:47   ` [PATCH v2 " Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 03/14] crypto/dpaa_sec: fix length for chain FD in raw sec driver Gagandeep Singh
                     ` (5 subsequent siblings)
  7 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Simple fd rely on bpid of the buffers whereas
other FD types can support buffers without bpid
of pool.

So moving the bpid check to simple fd to mbuf
conversion function.

Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 03fef5e500..2374d67978 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1566,6 +1566,10 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	int16_t diff = 0;
 	dpaa2_sec_session *sess_priv __rte_unused;
 
+	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
+		DPAA2_SEC_ERR("error: non inline buffer");
+		return NULL;
+	}
 	struct rte_mbuf *mbuf = DPAA2_INLINE_MBUF_FROM_BUF(
 		DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)),
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size);
@@ -1612,11 +1616,6 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 	 * We can have a better approach to use the inline Mbuf
 	 */
 
-	if (unlikely(DPAA2_GET_FD_IVP(fd))) {
-		/* TODO complete it. */
-		DPAA2_SEC_ERR("error: non inline buffer");
-		return NULL;
-	}
 	op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
 
 	/* Prefeth op */
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH v2 03/14] crypto/dpaa_sec: fix length for chain FD in raw sec driver
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
  2022-04-28 11:47   ` [PATCH v2 " Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 04/14] crypto/dpaa2_sec: " Gagandeep Singh
                     ` (4 subsequent siblings)
  7 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

DPAA sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: 78156d38e112 ("crypto/dpaa_sec: support authonly and chain with raw API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
index 522685f8cf..29f4e6d40b 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <rte_byteorder.h>
@@ -397,8 +397,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 	unsigned int i;
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int data_len = 0, auth_len = 0, cipher_len = 0;
 
 	for (i = 0; i < sgl->num; i++)
@@ -406,6 +406,8 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 
 	if (sgl->num > MAX_SG_ENTRIES) {
 		DPAA_SEC_DP_ERR("Cipher-Auth: Max sec segs supported is %d",
@@ -448,6 +450,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, dest_sgl->vec[i].iova);
 			sg->length = dest_sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	} else {
 		qm_sg_entry_set64(sg, sgl->vec[0].iova);
 		sg->length = sgl->vec[0].len - ofs.ofs.cipher.head;
@@ -460,6 +463,7 @@ build_dpaa_raw_dp_chain_fd(uint8_t *drv_ctx,
 			qm_sg_entry_set64(sg, sgl->vec[i].iova);
 			sg->length = sgl->vec[i].len;
 		}
+		sg->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (is_encode(ses)) {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH v2 04/14] crypto/dpaa2_sec: fix length for chain FD in raw sec driver
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
                     ` (2 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 03/14] crypto/dpaa_sec: fix length for chain FD in raw sec driver Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 08/14] crypto/dpaa_sec: fix secondary process probe Gagandeep Singh
                     ` (3 subsequent siblings)
  7 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

DPAA2 sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.

Fixes: aa6ec1fd8443 ("crypto/dpaa2_sec: support authenc with raw buffer API")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
index 74f2045637..e68a4875dd 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_raw_dp.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <cryptodev_pmd.h>
@@ -44,8 +44,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 	uint16_t auth_hdr_len = ofs.ofs.cipher.head -
 				ofs.ofs.auth.head;
 
-	uint16_t auth_tail_len = ofs.ofs.auth.tail;
-	uint32_t auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
+	uint16_t auth_tail_len;
+	uint32_t auth_only_len;
 	int icv_len = sess->digest_length;
 	uint8_t *old_icv;
 	uint8_t *iv_ptr = iv->va;
@@ -55,6 +55,8 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 
 	cipher_len = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail;
 	auth_len = data_len - ofs.ofs.auth.head - ofs.ofs.auth.tail;
+	auth_tail_len = auth_len - cipher_len - auth_hdr_len;
+	auth_only_len = (auth_tail_len << 16) | auth_hdr_len;
 	/* first FLE entry used to store session ctxt */
 	fle = (struct qbman_fle *)rte_malloc(NULL,
 			FLE_SG_MEM_SIZE(2 * sgl->num),
@@ -104,6 +106,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = dest_sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	} else {
 		/* Configure Output SGE for Encap/Decap */
 		DPAA2_SET_FLE_ADDR(sge, sgl->vec[0].iova);
@@ -117,6 +120,7 @@ build_raw_dp_chain_fd(uint8_t *drv_ctx,
 			DPAA2_SET_FLE_OFFSET(sge, 0);
 			sge->length = sgl->vec[i].len;
 		}
+		sge->length -= ofs.ofs.cipher.tail;
 	}
 
 	if (sess->dir == DIR_ENC) {
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH v2 08/14] crypto/dpaa_sec: fix secondary process probe
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
                     ` (3 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 04/14] crypto/dpaa2_sec: " Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 10/14] crypto/dpaa2_sec: fix crypto op pointer value Gagandeep Singh
                     ` (2 subsequent siblings)
  7 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Vanshika Shukla, stable

From: Vanshika Shukla <vanshika.shukla@nxp.com>

DPAA hardware supports non-i/o performing secondary
applications only. So we do not have to probe crypto
devices in secondary applications.

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org

Signed-off-by: Vanshika Shukla <vanshika.shukla@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 23a94d7e41..6f2b4baf57 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -3766,23 +3766,24 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 
 	int retval;
 
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+		return 0;
+
 	snprintf(cryptodev_name, sizeof(cryptodev_name), "%s", dpaa_dev->name);
 
 	cryptodev = rte_cryptodev_pmd_allocate(cryptodev_name, rte_socket_id());
 	if (cryptodev == NULL)
 		return -ENOMEM;
 
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
-		cryptodev->data->dev_private = rte_zmalloc_socket(
-					"cryptodev private structure",
-					sizeof(struct dpaa_sec_dev_private),
-					RTE_CACHE_LINE_SIZE,
-					rte_socket_id());
+	cryptodev->data->dev_private = rte_zmalloc_socket(
+				"cryptodev private structure",
+				sizeof(struct dpaa_sec_dev_private),
+				RTE_CACHE_LINE_SIZE,
+				rte_socket_id());
 
-		if (cryptodev->data->dev_private == NULL)
-			rte_panic("Cannot allocate memzone for private "
-					"device data");
-	}
+	if (cryptodev->data->dev_private == NULL)
+		rte_panic("Cannot allocate memzone for private "
+				"device data");
 
 	dpaa_dev->crypto_dev = cryptodev;
 	cryptodev->device = &dpaa_dev->device;
@@ -3824,8 +3825,7 @@ cryptodev_dpaa_sec_probe(struct rte_dpaa_driver *dpaa_drv __rte_unused,
 	retval = -ENXIO;
 out:
 	/* In case of error, cleanup is done */
-	if (rte_eal_process_type() == RTE_PROC_PRIMARY)
-		rte_free(cryptodev->data->dev_private);
+	rte_free(cryptodev->data->dev_private);
 
 	rte_cryptodev_pmd_release_device(cryptodev);
 
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH v2 10/14] crypto/dpaa2_sec: fix crypto op pointer value
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
                     ` (4 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 08/14] crypto/dpaa_sec: fix secondary process probe Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 11/14] crypto/dpaa2_sec: fix operation status for simple FD Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
  7 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver is filling the crypto_op variable with an invalid value
for atomic and ordered events which can results into
segmentation fault.

This patch assigning the correct crypto_op and event buffer
pointers by extracting from FD.

Fixes: a77db24643b7 ("crypto/dpaa2_sec: support atomic queues")
Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 86c8df241b..9f2b384af9 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -4019,7 +4019,7 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 {
 	uint8_t dqrr_index;
 	struct dpaa2_sec_qp *qp;
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	/* Prefetching mbuf */
 	rte_prefetch0((void *)(size_t)(DPAA2_GET_FD_ADDR(fd)-
 		rte_dpaa2_bpid_info[DPAA2_GET_FD_BPID(fd)].meta_data_size));
@@ -4036,12 +4036,13 @@ dpaa2_sec_process_atomic_event(struct qbman_swp *swp __rte_unused,
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
 
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 	dqrr_index = qbman_get_dqrr_idx(dq);
 	*dpaa2_seqn(crypto_op->sym->m_src) = QBMAN_ENQUEUE_FLAG_DCA | dqrr_index;
 	DPAA2_PER_LCORE_DQRR_SIZE++;
 	DPAA2_PER_LCORE_DQRR_HELD |= 1 << dqrr_index;
 	DPAA2_PER_LCORE_DQRR_MBUF(dqrr_index) = crypto_op->sym->m_src;
+	ev->event_ptr = crypto_op;
 }
 
 static void __rte_hot
@@ -4051,7 +4052,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 				struct dpaa2_queue *rxq,
 				struct rte_event *ev)
 {
-	struct rte_crypto_op *crypto_op = (struct rte_crypto_op *)ev->event_ptr;
+	struct rte_crypto_op *crypto_op;
 	struct dpaa2_sec_qp *qp;
 
 	/* Prefetching mbuf */
@@ -4069,7 +4070,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 	ev->sched_type = rxq->ev.sched_type;
 	ev->queue_id = rxq->ev.queue_id;
 	ev->priority = rxq->ev.priority;
-	ev->event_ptr = sec_fd_to_mbuf(fd, qp);
+	crypto_op = sec_fd_to_mbuf(fd, qp);
 
 	*dpaa2_seqn(crypto_op->sym->m_src) = DPAA2_ENQUEUE_FLAG_ORP;
 	*dpaa2_seqn(crypto_op->sym->m_src) |= qbman_result_DQ_odpid(dq) <<
@@ -4078,6 +4079,7 @@ dpaa2_sec_process_ordered_event(struct qbman_swp *swp,
 		DPAA2_EQCR_SEQNUM_SHIFT;
 
 	qbman_swp_dqrr_consume(swp, dq);
+	ev->event_ptr = crypto_op;
 }
 
 int
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH v2 11/14] crypto/dpaa2_sec: fix operation status for simple FD
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
                     ` (5 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 10/14] crypto/dpaa2_sec: fix crypto op pointer value Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  2022-04-28 11:47   ` [PATCH v2 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
  7 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Driver is not filling the operation status on dequeue
in case the FD is simple.

So setting the status as per the results.

Fixes: 0a23d4b6f4c2 ("crypto/dpaa2_sec: support protocol offload IPsec")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 9f2b384af9..8444f1a795 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1591,6 +1591,14 @@ sec_simple_fd_to_mbuf(const struct qbman_fd *fd)
 	else
 		mbuf->data_off += SEC_FLC_DHR_INBOUND;
 
+	if (unlikely(fd->simple.frc)) {
+		DPAA2_SEC_ERR("SEC returned Error - %x",
+				fd->simple.frc);
+		op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+	} else {
+		op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+	}
+
 	return op;
 }
 #endif
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

* [PATCH v2 14/14] common/dpaax: fix short MAC-I IV calculation for zuc
       [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
                     ` (6 preceding siblings ...)
  2022-04-28 11:47   ` [PATCH v2 11/14] crypto/dpaa2_sec: fix operation status for simple FD Gagandeep Singh
@ 2022-04-28 11:47   ` Gagandeep Singh
  7 siblings, 0 replies; 19+ messages in thread
From: Gagandeep Singh @ 2022-04-28 11:47 UTC (permalink / raw)
  To: gakhil, dev; +Cc: Gagandeep Singh, stable

Fixing the IV caluclation for zuc based short MAC-I
as per the HW security engine guidelines.

Fixes: 73a24060cd70 ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/pdcp.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h
index 46153b9c29..289ee2a7d5 100644
--- a/drivers/common/dpaax/caamflib/desc/pdcp.h
+++ b/drivers/common/dpaax/caamflib/desc/pdcp.h
@@ -3066,7 +3066,7 @@ cnstr_shdsc_pdcp_short_mac(uint32_t *descbuf,
 
 	case PDCP_AUTH_TYPE_ZUC:
 		iv[0] = 0xFFFFFFFF;
-		iv[1] = swap ? swab32(0xFC000000) : 0xFC000000;
+		iv[1] = swab32(0xFC000000);
 		iv[2] = 0x00000000; /* unused */
 
 		KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
-- 
2.25.1


^ permalink raw reply	[flat|nested] 19+ messages in thread

end of thread, other threads:[~2022-04-28 11:48 UTC | newest]

Thread overview: 19+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-22  3:50 [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Gagandeep Singh
2022-04-22  3:50 ` [PATCH 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
2022-04-22  3:50 ` [PATCH 03/14] crypto/dpaa_sec: fix length for chain fd in raw sec driver Gagandeep Singh
2022-04-22  3:50 ` [PATCH 04/14] crypto/dpaa2_sec: " Gagandeep Singh
2022-04-22  3:50 ` [PATCH 08/14] crypto/dpaa_sec : fix secondary process probe Gagandeep Singh
2022-04-22  3:50 ` [PATCH 10/14] crypto/dpaa2_sec: fix crypto op pointer for atomic and ordered queues Gagandeep Singh
2022-04-22  3:50 ` [PATCH 11/14] crypto/dpaa2_sec: fix operation status for simple fd Gagandeep Singh
2022-04-22  3:51 ` [PATCH 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh
2022-04-28  7:15 ` [EXT] [PATCH 01/14] crypto/dpaa2_sec: fix fle buffer leak Akhil Goyal
2022-04-28  9:23   ` Gagandeep Singh
2022-04-28  9:29     ` Akhil Goyal
     [not found] ` <20220428114733.1419957-1-g.singh@nxp.com>
2022-04-28 11:47   ` [PATCH v2 " Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 02/14] crypto/dpaa2_sec: fix buffer pool ID check Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 03/14] crypto/dpaa_sec: fix length for chain FD in raw sec driver Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 04/14] crypto/dpaa2_sec: " Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 08/14] crypto/dpaa_sec: fix secondary process probe Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 10/14] crypto/dpaa2_sec: fix crypto op pointer value Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 11/14] crypto/dpaa2_sec: fix operation status for simple FD Gagandeep Singh
2022-04-28 11:47   ` [PATCH v2 14/14] common/dpaax: fix short MAC-I IV calculation for zuc Gagandeep Singh

patches for DPDK stable branches

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.dpdk.org/stable/0 stable/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 stable stable/ http://inbox.dpdk.org/stable \
		stable@dpdk.org
	public-inbox-index stable

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.stable


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git