From: Anoob Joseph <anoobj@marvell.com>
To: Vamsi Krishna Attunuru <vattunuru@marvell.com>,
"dev@dpdk.org" <dev@dpdk.org>
Cc: Akhil Goyal <gakhil@marvell.com>,
Vamsi Krishna Attunuru <vattunuru@marvell.com>
Subject: RE: [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability
Date: Mon, 2 May 2022 07:42:33 +0000 [thread overview]
Message-ID: <PH0PR18MB467248B33283B6ADF7AEC6A2DFC19@PH0PR18MB4672.namprd18.prod.outlook.com> (raw)
In-Reply-To: <20220430053637.2065578-1-vattunuru@marvell.com>
Hi Vamsi,
Please see inline.
Thanks,
Anoob
> -----Original Message-----
> From: Vamsi Attunuru <vattunuru@marvell.com>
> Sent: Saturday, April 30, 2022 11:07 AM
> To: dev@dpdk.org
> Cc: Anoob Joseph <anoobj@marvell.com>; Akhil Goyal
> <gakhil@marvell.com>; Vamsi Krishna Attunuru <vattunuru@marvell.com>
> Subject: [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability
>
> Patch enables 3DES-CBC secure capability of crypto device.
>
> Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
> ---
> drivers/crypto/cnxk/cnxk_cryptodev.h | 2 +-
> .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 24 +++++++++++++++++++
> drivers/crypto/cnxk/cnxk_ipsec.h | 3 ++-
> 3 files changed, 27 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h
> b/drivers/crypto/cnxk/cnxk_cryptodev.h
> index b75d681185..8870021725 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev.h
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
> @@ -11,7 +11,7 @@
> #include "roc_cpt.h"
>
> #define CNXK_CPT_MAX_CAPS 35
> -#define CNXK_SEC_CRYPTO_MAX_CAPS 12
> +#define CNXK_SEC_CRYPTO_MAX_CAPS 13
> #define CNXK_SEC_MAX_CAPS 9
> #define CNXK_AE_EC_ID_MAX 8
> /**
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> index 98b002d93a..ba9eaf2325 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> @@ -862,6 +862,29 @@ static const struct rte_cryptodev_capabilities
> sec_caps_aes[] = {
> },
> };
>
> +static const struct rte_cryptodev_capabilities sec_caps_des[] = {
> + { /* 3DES CBC */
> + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> + {.sym = {
> + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> + {.cipher = {
> + .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> + .block_size = 8,
> + .key_size = {
> + .min = 24,
> + .max = 24,
> + .increment = 0
> + },
> + .iv_size = {
> + .min = 8,
> + .max = 16,
> + .increment = 8
> + }
> + }, }
> + }, }
> + }
> +};
> +
> static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
> { /* SHA1 HMAC */
> .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> @@ -1195,6 +1218,7 @@ sec_crypto_caps_populate(struct
> rte_cryptodev_capabilities cnxk_caps[],
> int cur_pos = 0;
>
> SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, aes);
> + SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, des);
> SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, sha1_sha2);
>
> if (roc_model_is_cn10k())
> diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h
> b/drivers/crypto/cnxk/cnxk_ipsec.h
> index 171ea2774e..7c7833ac1b 100644
> --- a/drivers/crypto/cnxk/cnxk_ipsec.h
> +++ b/drivers/crypto/cnxk/cnxk_ipsec.h
> @@ -24,7 +24,8 @@ ipsec_xform_cipher_verify(struct
> rte_crypto_sym_xform *crypto_xform)
> return 0;
>
> if (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC ||
> - crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR) {
> + crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR ||
> + crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC) {
[Anoob] We can support only key.length as 24 with 3DES. Rest of the checks are for AES. Please introduce a separate check for 3DES.
Rest of the patch looks good.
> switch (crypto_xform->cipher.key.length) {
> case 16:
> case 24:
> --
> 2.25.1
next prev parent reply other threads:[~2022-05-02 7:42 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-30 5:36 Vamsi Attunuru
2022-05-02 7:16 ` Akhil Goyal
2022-05-02 7:42 ` Anoob Joseph [this message]
2022-05-02 8:20 ` [PATCH v2 " Vamsi Attunuru
2022-05-02 8:56 ` Anoob Joseph
2022-05-11 19:56 ` Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH0PR18MB467248B33283B6ADF7AEC6A2DFC19@PH0PR18MB4672.namprd18.prod.outlook.com \
--to=anoobj@marvell.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=vattunuru@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).