patches for DPDK stable branches
 help / color / Atom feed
* [dpdk-stable] [PATCH 1/2] common/cpt: remove redundant CPT_BYTE_* macros
@ 2020-09-16 10:36 Archana Muniganti
  2020-09-16 10:37 ` [dpdk-stable] [PATCH 2/2] common/cpt: add check for mac_len Archana Muniganti
  2020-10-09 12:26 ` [dpdk-stable] [PATCH 1/2] common/cpt: remove redundant CPT_BYTE_* macros Akhil Goyal
  0 siblings, 2 replies; 4+ messages in thread
From: Archana Muniganti @ 2020-09-16 10:36 UTC (permalink / raw)
  To: akhil.goyal, anoobj, adwivedi; +Cc: Archana Muniganti, dev, stable

The macros can be replaced with actual constants.

Signed-off-by: Archana Muniganti <marchana@marvell.com>
---
 drivers/common/cpt/cpt_mcode_defines.h |  3 ---
 drivers/common/cpt/cpt_ucode.h         | 14 +++++++-------
 2 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h
index fd306ab..ee2c7f3 100644
--- a/drivers/common/cpt/cpt_mcode_defines.h
+++ b/drivers/common/cpt/cpt_mcode_defines.h
@@ -38,9 +38,6 @@
 #define CPT_BLOCK_TYPE1 0
 #define CPT_BLOCK_TYPE2 1
 
-#define CPT_BYTE_16		16
-#define CPT_BYTE_24		24
-#define CPT_BYTE_32		32
 #define CPT_MAX_SG_IN_OUT_CNT	32
 #define CPT_MAX_SG_CNT		(CPT_MAX_SG_IN_OUT_CNT/2)
 
diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
index 44067cf..0cfba0b 100644
--- a/drivers/common/cpt/cpt_ucode.h
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -47,9 +47,9 @@
 cpt_fc_ciph_validate_key_aes(uint16_t key_len)
 {
 	switch (key_len) {
-	case CPT_BYTE_16:
-	case CPT_BYTE_24:
-	case CPT_BYTE_32:
+	case 16:
+	case 24:
+	case 32:
 		return 0;
 	default:
 		return -1;
@@ -82,7 +82,7 @@
 		break;
 	case AES_XTS:
 		key_len = key_len / 2;
-		if (unlikely(key_len == CPT_BYTE_24)) {
+		if (unlikely(key_len == 24)) {
 			CPT_LOG_DP_ERR("Invalid AES key len for XTS");
 			return -1;
 		}
@@ -128,13 +128,13 @@
 {
 	mc_aes_type_t aes_key_type = 0;
 	switch (key_len) {
-	case CPT_BYTE_16:
+	case 16:
 		aes_key_type = AES_128_BIT;
 		break;
-	case CPT_BYTE_24:
+	case 24:
 		aes_key_type = AES_192_BIT;
 		break;
-	case CPT_BYTE_32:
+	case 32:
 		aes_key_type = AES_256_BIT;
 		break;
 	default:
-- 
1.8.3.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [dpdk-stable] [PATCH 2/2] common/cpt: add check for mac_len
  2020-09-16 10:36 [dpdk-stable] [PATCH 1/2] common/cpt: remove redundant CPT_BYTE_* macros Archana Muniganti
@ 2020-09-16 10:37 ` Archana Muniganti
  2020-09-16 15:56   ` Anoob Joseph
  2020-10-09 12:26 ` [dpdk-stable] [PATCH 1/2] common/cpt: remove redundant CPT_BYTE_* macros Akhil Goyal
  1 sibling, 1 reply; 4+ messages in thread
From: Archana Muniganti @ 2020-09-16 10:37 UTC (permalink / raw)
  To: akhil.goyal, anoobj, adwivedi; +Cc: Archana Muniganti, dev, stable

HMAC/HASH opcode algorithms supports fixed mac length.
Allowed session creation to fail when requested for
unsupported MAC length for HMAC/HASH-only use cases.

Signed-off-by: Archana Muniganti <marchana@marvell.com>
---
 drivers/common/cpt/cpt_mcode_defines.h        |  3 ++
 drivers/common/cpt/cpt_ucode.h                | 41 +++++++++++++++++++++++++++
 drivers/crypto/octeontx/otx_cryptodev_ops.c   |  8 ++++++
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  8 ++++++
 4 files changed, 60 insertions(+)

diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h
index ee2c7f3..0a05bd5 100644
--- a/drivers/common/cpt/cpt_mcode_defines.h
+++ b/drivers/common/cpt/cpt_mcode_defines.h
@@ -427,6 +427,9 @@ struct asym_op_params {
 #define SESS_PRIV(__sess) \
 	(void *)((uint8_t *)__sess + sizeof(struct cpt_sess_misc))
 
+#define GET_SESS_FC_TYPE(__sess) \
+	(((struct cpt_ctx *)(SESS_PRIV(__sess)))->fc_type)
+
 /*
  * Get the session size
  *
diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
index 0cfba0b..5f28bd7 100644
--- a/drivers/common/cpt/cpt_ucode.h
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -35,6 +35,47 @@
 	}
 }
 
+static __rte_always_inline int
+cpt_mac_len_verify(struct rte_crypto_auth_xform *auth)
+{
+	uint16_t mac_len = auth->digest_length;
+	int ret;
+
+	switch (auth->algo) {
+	case RTE_CRYPTO_AUTH_MD5:
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		ret = (mac_len == 16) ? 0 : -1;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1:
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		ret = (mac_len == 20) ? 0 : -1;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224:
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+		ret = (mac_len == 28) ? 0 : -1;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256:
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		ret = (mac_len == 32) ? 0 : -1;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384:
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		ret = (mac_len == 48) ? 0 : -1;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512:
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		ret = (mac_len == 64) ? 0 : -1;
+		break;
+	case RTE_CRYPTO_AUTH_NULL:
+		ret = 0;
+		break;
+	default:
+		ret = -1;
+	}
+
+	return ret;
+}
+
 static __rte_always_inline void
 cpt_fc_salt_update(void *ctx,
 		   uint8_t *salt)
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index 2cedf7d..14f22e3 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -239,6 +239,7 @@
 		      struct rte_cryptodev_sym_session *sess,
 		      struct rte_mempool *pool)
 {
+	struct rte_crypto_sym_xform *temp_xform = xform;
 	struct cpt_sess_misc *misc;
 	void *priv;
 	int ret;
@@ -279,6 +280,13 @@
 			goto priv_put;
 	}
 
+	if ((GET_SESS_FC_TYPE(misc) == HASH_HMAC) &&
+			cpt_mac_len_verify(&temp_xform->auth)) {
+		CPT_LOG_ERR("MAC length is not supported");
+		ret = -ENOTSUP;
+		goto priv_put;
+	}
+
 	set_sym_session_private_data(sess, driver_id, priv);
 
 	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
index 9d51b17..793c2a5 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
@@ -353,6 +353,7 @@
 		      struct rte_cryptodev_sym_session *sess,
 		      struct rte_mempool *pool)
 {
+	struct rte_crypto_sym_xform *temp_xform = xform;
 	struct cpt_sess_misc *misc;
 	void *priv;
 	int ret;
@@ -393,6 +394,13 @@
 			goto priv_put;
 	}
 
+	if ((GET_SESS_FC_TYPE(misc) == HASH_HMAC) &&
+			cpt_mac_len_verify(&temp_xform->auth)) {
+		CPT_LOG_ERR("MAC length is not supported");
+		ret = -ENOTSUP;
+		goto priv_put;
+	}
+
 	set_sym_session_private_data(sess, driver_id, misc);
 
 	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
-- 
1.8.3.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [dpdk-stable] [PATCH 2/2] common/cpt: add check for mac_len
  2020-09-16 10:37 ` [dpdk-stable] [PATCH 2/2] common/cpt: add check for mac_len Archana Muniganti
@ 2020-09-16 15:56   ` Anoob Joseph
  0 siblings, 0 replies; 4+ messages in thread
From: Anoob Joseph @ 2020-09-16 15:56 UTC (permalink / raw)
  To: Archana Muniganti, akhil.goyal, Ankur Dwivedi
  Cc: Archana Muniganti, dev, stable

> 
> HMAC/HASH opcode algorithms supports fixed mac length.
> Allowed session creation to fail when requested for unsupported MAC
> length for HMAC/HASH-only use cases.
> 
> Signed-off-by: Archana Muniganti <marchana@marvell.com>

Series Acked-by: Anoob Joseph <anoobj@marvell.com>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [dpdk-stable] [PATCH 1/2] common/cpt: remove redundant CPT_BYTE_* macros
  2020-09-16 10:36 [dpdk-stable] [PATCH 1/2] common/cpt: remove redundant CPT_BYTE_* macros Archana Muniganti
  2020-09-16 10:37 ` [dpdk-stable] [PATCH 2/2] common/cpt: add check for mac_len Archana Muniganti
@ 2020-10-09 12:26 ` Akhil Goyal
  1 sibling, 0 replies; 4+ messages in thread
From: Akhil Goyal @ 2020-10-09 12:26 UTC (permalink / raw)
  To: Archana Muniganti, anoobj, adwivedi; +Cc: dev, stable

> The macros can be replaced with actual constants.
> 
> Signed-off-by: Archana Muniganti <marchana@marvell.com>
> ---
Series Applied to dpdk-next-crypto

Thanks.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-16 10:36 [dpdk-stable] [PATCH 1/2] common/cpt: remove redundant CPT_BYTE_* macros Archana Muniganti
2020-09-16 10:37 ` [dpdk-stable] [PATCH 2/2] common/cpt: add check for mac_len Archana Muniganti
2020-09-16 15:56   ` Anoob Joseph
2020-10-09 12:26 ` [dpdk-stable] [PATCH 1/2] common/cpt: remove redundant CPT_BYTE_* macros Akhil Goyal

patches for DPDK stable branches

Archives are clonable:
	git clone --mirror http://inbox.dpdk.org/stable/0 stable/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 stable stable/ http://inbox.dpdk.org/stable \
		stable@dpdk.org
	public-inbox-index stable


Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.stable


AGPL code for this site: git clone https://public-inbox.org/ public-inbox