From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id B8F32A0555
	for <public@inbox.dpdk.org>; Thu,  9 Jun 2022 13:38:44 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id B3B884069C;
	Thu,  9 Jun 2022 13:38:44 +0200 (CEST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
 by mails.dpdk.org (Postfix) with ESMTP id A7067406B4
 for <stable@dpdk.org>; Thu,  9 Jun 2022 13:38:42 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1654774722;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=7ntA83zzSVj9AuHgHC/aRgVlmv724GQIEOc1pkO8q5M=;
 b=UZveANW2v8ofOWQ4yeJ2qHFKuMn655w8ixB3KWunl8ikzaVHj5ipYVixcF9MwO5dzVd9yh
 PNBNepXG6tavyKh+H0E0bYm554qwGKfd5YtqrnbvSRybBPFtTU/qOiF0RSX/wUJiE+9Bgc
 AXXNxZWocuRt9AKyIdgIfmH52OYZNco=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-638-Tkd9N6j3OYmGcPgYIFkHqA-1; Thu, 09 Jun 2022 07:38:39 -0400
X-MC-Unique: Tkd9N6j3OYmGcPgYIFkHqA-1
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
 [10.11.54.5])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mimecast-mx02.redhat.com (Postfix) with ESMTPS id CE397800971;
 Thu,  9 Jun 2022 11:38:38 +0000 (UTC)
Received: from rh.redhat.com (unknown [10.39.195.82])
 by smtp.corp.redhat.com (Postfix) with ESMTP id D9A9B1730C;
 Thu,  9 Jun 2022 11:38:37 +0000 (UTC)
From: Kevin Traynor <ktraynor@redhat.com>
To: Radu Nicolau <radu.nicolau@intel.com>
Cc: Qi Zhang <qi.z.zhang@intel.com>,
	dpdk stable <stable@dpdk.org>
Subject: patch 'net/iavf: fix device initialization without inline crypto' has
 been queued to stable release 21.11.2
Date: Thu,  9 Jun 2022 12:36:52 +0100
Message-Id: <20220609113701.386938-65-ktraynor@redhat.com>
In-Reply-To: <20220609113701.386938-1-ktraynor@redhat.com>
References: <20220609113701.386938-1-ktraynor@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
Authentication-Results: relay.mimecast.com;
 auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=ktraynor@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"; x-default=true
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org

Hi,

FYI, your patch has been queued to stable release 21.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 06/13/22. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable/commit/2ab0f947606ac135ff7b6ab59b6faaac139f206d

Thanks.

Kevin

---
>From 2ab0f947606ac135ff7b6ab59b6faaac139f206d Mon Sep 17 00:00:00 2001
From: Radu Nicolau <radu.nicolau@intel.com>
Date: Wed, 20 Apr 2022 12:03:01 +0100
Subject: [PATCH] net/iavf: fix device initialization without inline crypto

[ upstream commit 3940cd9b8cb3b8b9d1ab3a7b4b18177b1e954d82 ]

When the inline crypto feature VF capability flag is set also check if the
feature is enabled, otherwise the initialization will fail even when
the inline crypto is not required.

Fixes: 6bc987ecb860 ("net/iavf: support IPsec inline crypto")

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
---
 drivers/net/iavf/iavf_ipsec_crypto.c | 69 ++++++++++++++++++++++++++--
 1 file changed, 66 insertions(+), 3 deletions(-)

diff --git a/drivers/net/iavf/iavf_ipsec_crypto.c b/drivers/net/iavf/iavf_ipsec_crypto.c
index b1949cee91..72ce39a052 100644
--- a/drivers/net/iavf/iavf_ipsec_crypto.c
+++ b/drivers/net/iavf/iavf_ipsec_crypto.c
@@ -1564,15 +1564,78 @@ iavf_security_ctx_destroy(struct iavf_adapter *adapter)
 }
 
+static int
+iavf_ipsec_crypto_status_get(struct iavf_adapter *adapter,
+		struct virtchnl_ipsec_status *status)
+{
+	/* Perform pf-vf comms */
+	struct inline_ipsec_msg *request = NULL, *response = NULL;
+	size_t request_len, response_len;
+	int rc;
+
+	request_len = sizeof(struct inline_ipsec_msg);
+
+	request = rte_malloc("iavf-device-status-request", request_len, 0);
+	if (request == NULL) {
+		rc = -ENOMEM;
+		goto update_cleanup;
+	}
+
+	response_len = sizeof(struct inline_ipsec_msg) +
+			sizeof(struct virtchnl_ipsec_cap);
+	response = rte_malloc("iavf-device-status-response",
+			response_len, 0);
+	if (response == NULL) {
+		rc = -ENOMEM;
+		goto update_cleanup;
+	}
+
+	/* set msg header params */
+	request->ipsec_opcode = INLINE_IPSEC_OP_GET_STATUS;
+	request->req_id = (uint16_t)0xDEADBEEF;
+
+	/* send virtual channel request to add SA to hardware database */
+	rc = iavf_ipsec_crypto_request(adapter,
+			(uint8_t *)request, request_len,
+			(uint8_t *)response, response_len);
+	if (rc)
+		goto update_cleanup;
+
+	/* verify response id */
+	if (response->ipsec_opcode != request->ipsec_opcode ||
+		response->req_id != request->req_id){
+		rc = -EFAULT;
+		goto update_cleanup;
+	}
+	memcpy(status, response->ipsec_data.ipsec_status, sizeof(*status));
+
+update_cleanup:
+	rte_free(response);
+	rte_free(request);
+
+	return rc;
+}
+
+
 int
 iavf_ipsec_crypto_supported(struct iavf_adapter *adapter)
 {
 	struct virtchnl_vf_resource *resources = adapter->vf.vf_res;
+	int crypto_supported = false;
 
 	/** Capability check for IPsec Crypto */
 	if (resources && (resources->vf_cap_flags &
-		VIRTCHNL_VF_OFFLOAD_INLINE_IPSEC_CRYPTO))
-		return true;
+		VIRTCHNL_VF_OFFLOAD_INLINE_IPSEC_CRYPTO)) {
+		struct virtchnl_ipsec_status status;
+		int rc = iavf_ipsec_crypto_status_get(adapter, &status);
+		if (rc == 0 && status.status == INLINE_IPSEC_STATUS_AVAILABLE)
+			crypto_supported = true;
+	}
 
-	return false;
+	/* Clear the VF flag to return faster next call */
+	if (resources && !crypto_supported)
+		resources->vf_cap_flags &=
+				~(VIRTCHNL_VF_OFFLOAD_INLINE_IPSEC_CRYPTO);
+
+	return crypto_supported;
 }
 
-- 
2.34.3

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2022-06-09 12:34:31.254173090 +0100
+++ 0065-net-iavf-fix-device-initialization-without-inline-cr.patch	2022-06-09 12:34:29.805980743 +0100
@@ -1 +1 @@
-From 3940cd9b8cb3b8b9d1ab3a7b4b18177b1e954d82 Mon Sep 17 00:00:00 2001
+From 2ab0f947606ac135ff7b6ab59b6faaac139f206d Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 3940cd9b8cb3b8b9d1ab3a7b4b18177b1e954d82 ]
+
@@ -11 +12,0 @@
-Cc: stable@dpdk.org