DPDK patches and discussions
 help / color / mirror / Atom feed
* [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs
@ 2020-05-16  9:26 Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 1/6] common/octeontx2: fix out of bounds access Anoob Joseph
                   ` (6 more replies)
  0 siblings, 7 replies; 9+ messages in thread
From: Anoob Joseph @ 2020-05-16  9:26 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Anoob Joseph, Thomas Monjalon, Jerin Jacob, Narayana Prasad,
	Ankur Dwivedi, Tejasree Kondoj, dev

This series adds multiple optimizations and improvements to OCTEON TX crypto PMDs
and OCTEON TX2 security support.

Ankur Dwivedi (2):
  crypto/octeontx2: enable non-byte aligned data feature
  crypto/octeontx: enable non-byte aligned data feature

Anoob Joseph (3):
  common/octeontx2: fix out of bounds access
  crypto/octeontx2: improve error handling in session configure
  crypto/octeontx: redesign sym sessionless code path

Tejasree Kondoj (1):
  net/octeontx2: increase max packet length for Inline IPsec Rx

 doc/guides/cryptodevs/features/octeontx.ini   |   1 +
 doc/guides/cryptodevs/features/octeontx2.ini  |   1 +
 drivers/common/cpt/cpt_ucode.h                |  75 ---------
 drivers/common/octeontx2/otx2_sec_idev.c      |   4 +-
 drivers/crypto/octeontx/otx_cryptodev_ops.c   | 210 ++++++++++++++------------
 drivers/crypto/octeontx2/otx2_cryptodev.c     |   1 +
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  43 +++++-
 drivers/net/octeontx2/otx2_ethdev_sec.c       |   4 +-
 8 files changed, 160 insertions(+), 179 deletions(-)

-- 
2.7.4


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [dpdk-dev] [PATCH 1/6] common/octeontx2: fix out of bounds access
  2020-05-16  9:26 [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Anoob Joseph
@ 2020-05-16  9:26 ` Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 2/6] net/octeontx2: increase max packet length for Inline IPsec Rx Anoob Joseph
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 9+ messages in thread
From: Anoob Joseph @ 2020-05-16  9:26 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Anoob Joseph, Thomas Monjalon, Jerin Jacob, Narayana Prasad,
	Ankur Dwivedi, Tejasree Kondoj, dev

Coverity issue: 354230, 354231

Fixes: f44e71637755 ("net/octeontx2: add security session operations")
Fixes: 3fe4d07d1678 ("crypto/octeontx2: enable CPT to share QP with ethdev")

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/common/octeontx2/otx2_sec_idev.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/common/octeontx2/otx2_sec_idev.c b/drivers/common/octeontx2/otx2_sec_idev.c
index 4e65ce2..6e9643c 100644
--- a/drivers/common/octeontx2/otx2_sec_idev.c
+++ b/drivers/common/octeontx2/otx2_sec_idev.c
@@ -55,7 +55,7 @@ otx2_sec_idev_tx_cpt_qp_add(uint16_t port_id, struct otx2_cpt_qp *qp)
 	struct otx2_sec_idev_cfg *cfg;
 	int i, ret;
 
-	if (qp == NULL || port_id > OTX2_MAX_INLINE_PORTS)
+	if (qp == NULL || port_id >= OTX2_MAX_INLINE_PORTS)
 		return -EINVAL;
 
 	cfg = &sec_cfg[port_id];
@@ -126,7 +126,7 @@ otx2_sec_idev_tx_cpt_qp_get(uint16_t port_id, struct otx2_cpt_qp **qp)
 	uint16_t index;
 	int i, ret;
 
-	if (port_id > OTX2_MAX_INLINE_PORTS || qp == NULL)
+	if (port_id >= OTX2_MAX_INLINE_PORTS || qp == NULL)
 		return -EINVAL;
 
 	cfg = &sec_cfg[port_id];
-- 
2.7.4


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [dpdk-dev] [PATCH 2/6] net/octeontx2: increase max packet length for Inline IPsec Rx
  2020-05-16  9:26 [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 1/6] common/octeontx2: fix out of bounds access Anoob Joseph
@ 2020-05-16  9:26 ` Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 3/6] crypto/octeontx2: enable non-byte aligned data feature Anoob Joseph
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 9+ messages in thread
From: Anoob Joseph @ 2020-05-16  9:26 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Tejasree Kondoj, Thomas Monjalon, Jerin Jacob, Narayana Prasad,
	Ankur Dwivedi, dev, Anoob Joseph

From: Tejasree Kondoj <ktejasree@marvell.com>

Update max packet length supported by Inline IPsec Rx to
NIX_MAX_FRS

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 drivers/net/octeontx2/otx2_ethdev_sec.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/drivers/net/octeontx2/otx2_ethdev_sec.c b/drivers/net/octeontx2/otx2_ethdev_sec.c
index 3858218..5f6140f 100644
--- a/drivers/net/octeontx2/otx2_ethdev_sec.c
+++ b/drivers/net/octeontx2/otx2_ethdev_sec.c
@@ -20,8 +20,6 @@
 #include "otx2_ipsec_fp.h"
 #include "otx2_sec_idev.h"
 
-#define ETH_SEC_MAX_PKT_LEN	1450
-
 #define AH_HDR_LEN	12
 #define AES_GCM_IV_LEN	8
 #define AES_GCM_MAC_LEN	16
@@ -745,7 +743,7 @@ eth_sec_ipsec_cfg(struct rte_eth_dev *eth_dev, uint8_t tt)
 
 	req->ipsec_cfg0.sa_pow2_size =
 			rte_log2_u32(sizeof(struct otx2_ipsec_fp_in_sa));
-	req->ipsec_cfg0.lenm1_max = ETH_SEC_MAX_PKT_LEN - 1;
+	req->ipsec_cfg0.lenm1_max = NIX_MAX_FRS - 1;
 
 	req->ipsec_cfg1.sa_idx_w = rte_log2_u32(dev->ipsec_in_max_spi);
 	req->ipsec_cfg1.sa_idx_max = dev->ipsec_in_max_spi - 1;
-- 
2.7.4


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [dpdk-dev] [PATCH 3/6] crypto/octeontx2: enable non-byte aligned data feature
  2020-05-16  9:26 [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 1/6] common/octeontx2: fix out of bounds access Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 2/6] net/octeontx2: increase max packet length for Inline IPsec Rx Anoob Joseph
@ 2020-05-16  9:26 ` Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 4/6] crypto/octeontx2: improve error handling in session configure Anoob Joseph
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 9+ messages in thread
From: Anoob Joseph @ 2020-05-16  9:26 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Ankur Dwivedi, Thomas Monjalon, Jerin Jacob, Narayana Prasad,
	Tejasree Kondoj, dev, Anoob Joseph

From: Ankur Dwivedi <adwivedi@marvell.com>

The OCTEON TX2 crypto PMD supports non-byte aligned data as
input for SNOW and ZUC algos. Adding the same to the feature list.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 doc/guides/cryptodevs/features/octeontx2.ini | 1 +
 drivers/crypto/octeontx2/otx2_cryptodev.c    | 1 +
 2 files changed, 2 insertions(+)

diff --git a/doc/guides/cryptodevs/features/octeontx2.ini b/doc/guides/cryptodevs/features/octeontx2.ini
index e9ce26c..cdcaf70 100644
--- a/doc/guides/cryptodevs/features/octeontx2.ini
+++ b/doc/guides/cryptodevs/features/octeontx2.ini
@@ -13,6 +13,7 @@ OOP SGL In LB  Out     = Y
 OOP SGL In SGL Out     = Y
 RSA PRIV OP KEY QT     = Y
 Symmetric sessionless  = Y
+Non-Byte aligned data  = Y
 
 ;
 ; Supported crypto algorithms of 'octeontx2' crypto driver.
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev.c b/drivers/crypto/octeontx2/otx2_cryptodev.c
index 7cda077..6ffbc2e 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev.c
@@ -104,6 +104,7 @@ otx2_cpt_pci_probe(struct rte_pci_driver *pci_drv __rte_unused,
 			     RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
 			     RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO |
 			     RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT |
+			     RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA |
 			     RTE_CRYPTODEV_FF_SYM_SESSIONLESS;
 
 	return 0;
-- 
2.7.4


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [dpdk-dev] [PATCH 4/6] crypto/octeontx2: improve error handling in session configure
  2020-05-16  9:26 [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Anoob Joseph
                   ` (2 preceding siblings ...)
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 3/6] crypto/octeontx2: enable non-byte aligned data feature Anoob Joseph
@ 2020-05-16  9:26 ` Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 5/6] crypto/octeontx: enable non-byte aligned data feature Anoob Joseph
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 9+ messages in thread
From: Anoob Joseph @ 2020-05-16  9:26 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Anoob Joseph, Thomas Monjalon, Jerin Jacob, Narayana Prasad,
	Ankur Dwivedi, Tejasree Kondoj, dev

Session configure should return -ENOTSUP in case of unsupported xform
requests. Moving the validation of combinations out of cpt, as the
feature support will not be same across OCTEON TX and OCTEON TX2.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c | 43 +++++++++++++++++++++++----
 1 file changed, 38 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
index 0ae04c5..ad292a0 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
@@ -312,6 +312,41 @@ otx2_cpt_qp_destroy(const struct rte_cryptodev *dev, struct otx2_cpt_qp *qp)
 }
 
 static int
+sym_xform_verify(struct rte_crypto_sym_xform *xform)
+{
+	if (xform->next) {
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->next->auth.algo == RTE_CRYPTO_AUTH_SHA1)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->auth.algo == RTE_CRYPTO_AUTH_SHA1 &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->next->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC)
+			return -ENOTSUP;
+
+	} else {
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->auth.algo == RTE_CRYPTO_AUTH_NULL &&
+		    xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY)
+			return -ENOTSUP;
+	}
+	return 0;
+}
+
+static int
 sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 		      struct rte_cryptodev_sym_session *sess,
 		      struct rte_mempool *pool)
@@ -320,10 +355,9 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 	void *priv;
 	int ret;
 
-	if (unlikely(cpt_is_algo_supported(xform))) {
-		CPT_LOG_ERR("Crypto xform not supported");
-		return -ENOTSUP;
-	}
+	ret = sym_xform_verify(xform);
+	if (unlikely(ret))
+		return ret;
 
 	if (unlikely(rte_mempool_get(pool, &priv))) {
 		CPT_LOG_ERR("Could not allocate session private data");
@@ -373,7 +407,6 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 priv_put:
 	rte_mempool_put(pool, priv);
 
-	CPT_LOG_ERR("Crypto xform not supported");
 	return -ENOTSUP;
 }
 
-- 
2.7.4


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [dpdk-dev] [PATCH 5/6] crypto/octeontx: enable non-byte aligned data feature
  2020-05-16  9:26 [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Anoob Joseph
                   ` (3 preceding siblings ...)
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 4/6] crypto/octeontx2: improve error handling in session configure Anoob Joseph
@ 2020-05-16  9:26 ` Anoob Joseph
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 6/6] crypto/octeontx: redesign sym sessionless code path Anoob Joseph
  2020-05-17 14:16 ` [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Akhil Goyal
  6 siblings, 0 replies; 9+ messages in thread
From: Anoob Joseph @ 2020-05-16  9:26 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Ankur Dwivedi, Thomas Monjalon, Jerin Jacob, Narayana Prasad,
	Tejasree Kondoj, dev, Anoob Joseph

From: Ankur Dwivedi <adwivedi@marvell.com>

The OCTEON TX crypto PMD supports non-byte aligned data as
input for SNOW and ZUC algos. Adding the same to the feature list.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 doc/guides/cryptodevs/features/octeontx.ini | 1 +
 drivers/crypto/octeontx/otx_cryptodev_ops.c | 1 +
 2 files changed, 2 insertions(+)

diff --git a/doc/guides/cryptodevs/features/octeontx.ini b/doc/guides/cryptodevs/features/octeontx.ini
index 4ce4ff1..09affb2 100644
--- a/doc/guides/cryptodevs/features/octeontx.ini
+++ b/doc/guides/cryptodevs/features/octeontx.ini
@@ -13,6 +13,7 @@ OOP SGL In LB  Out     = Y
 OOP SGL In SGL Out     = Y
 RSA PRIV OP KEY QT     = Y
 Symmetric sessionless  = Y
+Non-Byte aligned data  = Y
 
 ;
 ; Supported crypto algorithms of 'octeontx' crypto driver.
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index 3fbf5d5..7097499 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -968,6 +968,7 @@ otx_cpt_dev_create(struct rte_cryptodev *c_dev)
 				RTE_CRYPTODEV_FF_IN_PLACE_SGL |
 				RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
 				RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |
+				RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA |
 				RTE_CRYPTODEV_FF_SYM_SESSIONLESS;
 		break;
 	default:
-- 
2.7.4


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [dpdk-dev] [PATCH 6/6] crypto/octeontx: redesign sym sessionless code path
  2020-05-16  9:26 [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Anoob Joseph
                   ` (4 preceding siblings ...)
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 5/6] crypto/octeontx: enable non-byte aligned data feature Anoob Joseph
@ 2020-05-16  9:26 ` Anoob Joseph
  2020-05-17 14:16 ` [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Akhil Goyal
  6 siblings, 0 replies; 9+ messages in thread
From: Anoob Joseph @ 2020-05-16  9:26 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Anoob Joseph, Thomas Monjalon, Jerin Jacob, Narayana Prasad,
	Ankur Dwivedi, Tejasree Kondoj, dev

Cleanup sessionless code path and improve error handling.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/common/cpt/cpt_ucode.h              |  75 ----------
 drivers/crypto/octeontx/otx_cryptodev_ops.c | 209 +++++++++++++++-------------
 2 files changed, 115 insertions(+), 169 deletions(-)

diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
index 0d3a01b..34ccd08 100644
--- a/drivers/common/cpt/cpt_ucode.h
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -22,38 +22,6 @@ static uint8_t zuc_d[32] = {
 	0x5E, 0x26, 0x3C, 0x4D, 0x78, 0x9A, 0x47, 0xAC
 };
 
-static __rte_always_inline int
-cpt_is_algo_supported(struct rte_crypto_sym_xform *xform)
-{
-	/*
-	 * Microcode only supports the following combination.
-	 * Encryption followed by authentication
-	 * Authentication followed by decryption
-	 */
-	if (xform->next) {
-		if ((xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) &&
-		    (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) &&
-		    (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)) {
-			/* Unsupported as of now by microcode */
-			CPT_LOG_DP_ERR("Unsupported combination");
-			return -1;
-		}
-		if ((xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) &&
-		    (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) &&
-		    (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT)) {
-			/* For GMAC auth there is no cipher operation */
-			if (xform->aead.algo != RTE_CRYPTO_AEAD_AES_GCM ||
-			    xform->next->auth.algo !=
-			    RTE_CRYPTO_AUTH_AES_GMAC) {
-				/* Unsupported as of now by microcode */
-				CPT_LOG_DP_ERR("Unsupported combination");
-				return -1;
-			}
-		}
-	}
-	return 0;
-}
-
 static __rte_always_inline void
 gen_key_snow3g(const uint8_t *ck, uint32_t *keyx)
 {
@@ -3333,49 +3301,6 @@ compl_auth_verify(struct rte_crypto_op *op,
 		op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 }
 
-static __rte_always_inline int
-instance_session_cfg(struct rte_crypto_sym_xform *xform, void *sess)
-{
-	struct rte_crypto_sym_xform *chain;
-
-	CPT_PMD_INIT_FUNC_TRACE();
-
-	if (cpt_is_algo_supported(xform))
-		goto err;
-
-	chain = xform;
-	while (chain) {
-		switch (chain->type) {
-		case RTE_CRYPTO_SYM_XFORM_AEAD:
-			if (fill_sess_aead(chain, sess))
-				goto err;
-			break;
-		case RTE_CRYPTO_SYM_XFORM_CIPHER:
-			if (fill_sess_cipher(chain, sess))
-				goto err;
-			break;
-		case RTE_CRYPTO_SYM_XFORM_AUTH:
-			if (chain->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC) {
-				if (fill_sess_gmac(chain, sess))
-					goto err;
-			} else {
-				if (fill_sess_auth(chain, sess))
-					goto err;
-			}
-			break;
-		default:
-			CPT_LOG_DP_ERR("Invalid crypto xform type");
-			break;
-		}
-		chain = chain->next;
-	}
-
-	return 0;
-
-err:
-	return -1;
-}
-
 static __rte_always_inline void
 find_kasumif9_direction_and_length(uint8_t *src,
 				   uint32_t counter_num_bytes,
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index 7097499..60efd7c 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -212,91 +212,133 @@ otx_cpt_get_session_size(struct rte_cryptodev *dev __rte_unused)
 	return cpt_get_session_size();
 }
 
-static void
-otx_cpt_session_init(void *sym_sess, uint8_t driver_id)
+static int
+sym_xform_verify(struct rte_crypto_sym_xform *xform)
 {
-	struct rte_cryptodev_sym_session *sess = sym_sess;
-	struct cpt_sess_misc *cpt_sess =
-	 (struct cpt_sess_misc *) get_sym_session_private_data(sess, driver_id);
+	if (xform->next) {
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->next->auth.algo == RTE_CRYPTO_AUTH_SHA1)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->auth.algo == RTE_CRYPTO_AUTH_SHA1 &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->next->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC)
+			return -ENOTSUP;
 
-	CPT_PMD_INIT_FUNC_TRACE();
-	cpt_sess->ctx_dma_addr = rte_mempool_virt2iova(cpt_sess) +
-			sizeof(struct cpt_sess_misc);
+	} else {
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->auth.algo == RTE_CRYPTO_AUTH_NULL &&
+		    xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY)
+			return -ENOTSUP;
+	}
+	return 0;
 }
 
 static int
-otx_cpt_session_cfg(struct rte_cryptodev *dev,
-		    struct rte_crypto_sym_xform *xform,
-		    struct rte_cryptodev_sym_session *sess,
-		    struct rte_mempool *mempool)
+sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
+		      struct rte_cryptodev_sym_session *sess,
+		      struct rte_mempool *pool)
 {
-	struct rte_crypto_sym_xform *chain;
-	void *sess_private_data = NULL;
-
-	CPT_PMD_INIT_FUNC_TRACE();
-
-	if (cpt_is_algo_supported(xform))
-		goto err;
+	struct cpt_sess_misc *misc;
+	void *priv;
+	int ret;
 
-	if (unlikely(sess == NULL)) {
-		CPT_LOG_ERR("invalid session struct");
-		return -EINVAL;
-	}
+	ret = sym_xform_verify(xform);
+	if (unlikely(ret))
+		return ret;
 
-	if (rte_mempool_get(mempool, &sess_private_data)) {
-		CPT_LOG_ERR("Could not allocate sess_private_data");
+	if (unlikely(rte_mempool_get(pool, &priv))) {
+		CPT_LOG_ERR("Could not allocate session private data");
 		return -ENOMEM;
 	}
 
-	chain = xform;
-	while (chain) {
-		switch (chain->type) {
+	misc = priv;
+
+	for ( ; xform != NULL; xform = xform->next) {
+		switch (xform->type) {
 		case RTE_CRYPTO_SYM_XFORM_AEAD:
-			if (fill_sess_aead(chain, sess_private_data))
-				goto err;
+			ret = fill_sess_aead(xform, misc);
 			break;
 		case RTE_CRYPTO_SYM_XFORM_CIPHER:
-			if (fill_sess_cipher(chain, sess_private_data))
-				goto err;
+			ret = fill_sess_cipher(xform, misc);
 			break;
 		case RTE_CRYPTO_SYM_XFORM_AUTH:
-			if (chain->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC) {
-				if (fill_sess_gmac(chain, sess_private_data))
-					goto err;
-			} else {
-				if (fill_sess_auth(chain, sess_private_data))
-					goto err;
-			}
+			if (xform->auth.algo == RTE_CRYPTO_AUTH_AES_GMAC)
+				ret = fill_sess_gmac(xform, misc);
+			else
+				ret = fill_sess_auth(xform, misc);
 			break;
 		default:
-			CPT_LOG_ERR("Invalid crypto xform type");
-			break;
+			ret = -1;
 		}
-		chain = chain->next;
+
+		if (ret)
+			goto priv_put;
 	}
-	set_sym_session_private_data(sess, dev->driver_id, sess_private_data);
-	otx_cpt_session_init(sess, dev->driver_id);
+
+	set_sym_session_private_data(sess, driver_id, priv);
+
+	misc->ctx_dma_addr = rte_mempool_virt2iova(misc) +
+			     sizeof(struct cpt_sess_misc);
+
 	return 0;
 
-err:
-	if (sess_private_data)
-		rte_mempool_put(mempool, sess_private_data);
-	return -EPERM;
+priv_put:
+	if (priv)
+		rte_mempool_put(pool, priv);
+	return -ENOTSUP;
 }
 
 static void
+sym_session_clear(int driver_id, struct rte_cryptodev_sym_session *sess)
+{
+	void *priv = get_sym_session_private_data(sess, driver_id);
+	struct rte_mempool *pool;
+
+	if (priv == NULL)
+		return;
+
+	memset(priv, 0, cpt_get_session_size());
+
+	pool = rte_mempool_from_obj(priv);
+
+	set_sym_session_private_data(sess, driver_id, NULL);
+
+	rte_mempool_put(pool, priv);
+}
+
+static int
+otx_cpt_session_cfg(struct rte_cryptodev *dev,
+		    struct rte_crypto_sym_xform *xform,
+		    struct rte_cryptodev_sym_session *sess,
+		    struct rte_mempool *pool)
+{
+	CPT_PMD_INIT_FUNC_TRACE();
+
+	return sym_session_configure(dev->driver_id, xform, sess, pool);
+}
+
+
+static void
 otx_cpt_session_clear(struct rte_cryptodev *dev,
 		  struct rte_cryptodev_sym_session *sess)
 {
-	void *sess_priv = get_sym_session_private_data(sess, dev->driver_id);
-
 	CPT_PMD_INIT_FUNC_TRACE();
-	if (sess_priv) {
-		memset(sess_priv, 0, otx_cpt_get_session_size(dev));
-		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		set_sym_session_private_data(sess, dev->driver_id, NULL);
-		rte_mempool_put(sess_mp, sess_priv);
-	}
+
+	return sym_session_clear(dev->driver_id, sess);
 }
 
 static unsigned int
@@ -516,57 +558,36 @@ otx_cpt_enq_single_sym(struct cpt_instance *instance,
 static __rte_always_inline int __rte_hot
 otx_cpt_enq_single_sym_sessless(struct cpt_instance *instance,
 				struct rte_crypto_op *op,
-				struct pending_queue *pqueue)
+				struct pending_queue *pend_q)
 {
-	struct cpt_sess_misc *sess;
+	const int driver_id = otx_cryptodev_driver_id;
 	struct rte_crypto_sym_op *sym_op = op->sym;
+	struct rte_cryptodev_sym_session *sess;
 	int ret;
-	void *sess_t = NULL;
-	void *sess_private_data_t = NULL;
-
-	/* Create tmp session */
 
-	if (rte_mempool_get(instance->sess_mp, (void **)&sess_t)) {
-		ret = -ENOMEM;
-		goto exit;
-	}
+	/* Create temporary session */
 
-	if (rte_mempool_get(instance->sess_mp_priv,
-			(void **)&sess_private_data_t)) {
-		ret = -ENOMEM;
-		goto free_sess;
-	}
-
-	sess = (struct cpt_sess_misc *)sess_private_data_t;
-
-	sess->ctx_dma_addr = rte_mempool_virt2iova(sess) +
-			sizeof(struct cpt_sess_misc);
-
-	ret = instance_session_cfg(sym_op->xform, (void *)sess);
-	if (unlikely(ret)) {
-		ret = -EINVAL;
-		goto free_sess_priv;
-	}
+	if (rte_mempool_get(instance->sess_mp, (void **)&sess))
+		return -ENOMEM;
 
-	/* Save tmp session in op */
+	ret = sym_session_configure(driver_id, sym_op->xform, sess,
+				    instance->sess_mp_priv);
+	if (ret)
+		goto sess_put;
 
-	sym_op->session = (struct rte_cryptodev_sym_session *)sess_t;
-	set_sym_session_private_data(sym_op->session, otx_cryptodev_driver_id,
-				     sess_private_data_t);
+	sym_op->session = sess;
 
-	/* Enqueue op with the tmp session set */
-	ret = otx_cpt_enq_single_sym(instance, op, pqueue);
+	ret = otx_cpt_enq_single_sym(instance, op, pend_q);
 
 	if (unlikely(ret))
-		goto free_sess_priv;
+		goto priv_put;
 
 	return 0;
 
-free_sess_priv:
-	rte_mempool_put(instance->sess_mp_priv, sess_private_data_t);
-free_sess:
-	rte_mempool_put(instance->sess_mp, sess_t);
-exit:
+priv_put:
+	sym_session_clear(driver_id, sess);
+sess_put:
+	rte_mempool_put(instance->sess_mp, sess);
 	return ret;
 }
 
-- 
2.7.4


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs
  2020-05-16  9:26 [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Anoob Joseph
                   ` (5 preceding siblings ...)
  2020-05-16  9:26 ` [dpdk-dev] [PATCH 6/6] crypto/octeontx: redesign sym sessionless code path Anoob Joseph
@ 2020-05-17 14:16 ` Akhil Goyal
  2020-05-18  4:26   ` Anoob Joseph
  6 siblings, 1 reply; 9+ messages in thread
From: Akhil Goyal @ 2020-05-17 14:16 UTC (permalink / raw)
  To: Anoob Joseph
  Cc: Thomas Monjalon, Jerin Jacob, Narayana Prasad, Ankur Dwivedi,
	Tejasree Kondoj, dev

Hi Anoob,

This patch series is pretty late for the RC3, specially your last patch.
However the patches looks good to me, I have applied them to dpdk-next-crypto
with some modifications in the commit titles and descriptions.

Please send the fixes a bit earlier from next time.

Regards,
Akhil
> 
> This series adds multiple optimizations and improvements to OCTEON TX crypto
> PMDs
> and OCTEON TX2 security support.
> 
> Ankur Dwivedi (2):
>   crypto/octeontx2: enable non-byte aligned data feature
>   crypto/octeontx: enable non-byte aligned data feature
> 
> Anoob Joseph (3):
>   common/octeontx2: fix out of bounds access
>   crypto/octeontx2: improve error handling in session configure
>   crypto/octeontx: redesign sym sessionless code path
> 
> Tejasree Kondoj (1):
>   net/octeontx2: increase max packet length for Inline IPsec Rx
> 
>  doc/guides/cryptodevs/features/octeontx.ini   |   1 +
>  doc/guides/cryptodevs/features/octeontx2.ini  |   1 +
>  drivers/common/cpt/cpt_ucode.h                |  75 ---------
>  drivers/common/octeontx2/otx2_sec_idev.c      |   4 +-
>  drivers/crypto/octeontx/otx_cryptodev_ops.c   | 210 ++++++++++++++-----------
> -
>  drivers/crypto/octeontx2/otx2_cryptodev.c     |   1 +
>  drivers/crypto/octeontx2/otx2_cryptodev_ops.c |  43 +++++-
>  drivers/net/octeontx2/otx2_ethdev_sec.c       |   4 +-
>  8 files changed, 160 insertions(+), 179 deletions(-)
> 
> --
> 2.7.4


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs
  2020-05-17 14:16 ` [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Akhil Goyal
@ 2020-05-18  4:26   ` Anoob Joseph
  0 siblings, 0 replies; 9+ messages in thread
From: Anoob Joseph @ 2020-05-18  4:26 UTC (permalink / raw)
  To: Akhil Goyal
  Cc: Thomas Monjalon, Jerin Kollanukkaran,
	Narayana Prasad Raju Athreya, Ankur Dwivedi, Tejasree Kondoj,
	dev

Hi Akhil,

> Hi Anoob,
> 
> This patch series is pretty late for the RC3, specially your last patch.
> However the patches looks good to me, I have applied them to dpdk-next-
> crypto with some modifications in the commit titles and descriptions.
> 
> Please send the fixes a bit earlier from next time.
> 

[Anoob] Sure. The rework of the test application etc mandated the changes in the PMD. I wanted to send one series with all the changes from our end (in the PMD) rather than sending multiple patches. Next time, will try to send before RC2. Hope that would do.

Thanks,
Anoob

^ permalink raw reply	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2020-05-18  4:26 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-16  9:26 [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Anoob Joseph
2020-05-16  9:26 ` [dpdk-dev] [PATCH 1/6] common/octeontx2: fix out of bounds access Anoob Joseph
2020-05-16  9:26 ` [dpdk-dev] [PATCH 2/6] net/octeontx2: increase max packet length for Inline IPsec Rx Anoob Joseph
2020-05-16  9:26 ` [dpdk-dev] [PATCH 3/6] crypto/octeontx2: enable non-byte aligned data feature Anoob Joseph
2020-05-16  9:26 ` [dpdk-dev] [PATCH 4/6] crypto/octeontx2: improve error handling in session configure Anoob Joseph
2020-05-16  9:26 ` [dpdk-dev] [PATCH 5/6] crypto/octeontx: enable non-byte aligned data feature Anoob Joseph
2020-05-16  9:26 ` [dpdk-dev] [PATCH 6/6] crypto/octeontx: redesign sym sessionless code path Anoob Joseph
2020-05-17 14:16 ` [dpdk-dev] [PATCH 0/6] improvements to OCTEON TX crypto PMDs Akhil Goyal
2020-05-18  4:26   ` Anoob Joseph

DPDK patches and discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.dpdk.org/dev/0 dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dev dev/ https://inbox.dpdk.org/dev \
		dev@dpdk.org
	public-inbox-index dev

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git