From: David Coyle <david.coyle@intel.com>
To: akhil.goyal@nxp.com, declan.doherty@intel.com, fiona.trahe@intel.com
Cc: dev@dpdk.org, brendan.ryan@intel.com,
mairtin.oloingsigh@intel.com, pablo.de.lara.guarch@intel.com,
David Coyle <david.coyle@intel.com>
Subject: [dpdk-dev] [PATCH v1] crypto/qat: check for multi-segment buffers for DOCSIS
Date: Thu, 16 Jul 2020 16:33:31 +0100 [thread overview]
Message-ID: <20200716153331.65689-1-david.coyle@intel.com> (raw)
Multi-segment mbufs are not supported for DOCSIS security protocol.
This patch adds an explicit check for this and returns an op error if
this case is found. This limitation is also added to the QAT cryptodev
documentation.
Fixes: 6f0ef237404b ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
---
doc/guides/cryptodevs/qat.rst | 2 ++
drivers/crypto/qat/qat_sym.c | 12 +++++++-----
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 931a18f9a..b9f8c37ea 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -134,6 +134,8 @@ Limitations
protocol.
* ``RTE_CRYPTO_CIPHER_DES_DOCSISBPI`` is not supported for combined Crypto-CRC
DOCSIS security protocol.
+* Multi-segment buffers are not supported for combined Crypto-CRC DOCSIS
+ security protocol.
Extra notes on KASUMI F9
~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c
index 6d568ab8f..632313a26 100644
--- a/drivers/crypto/qat/qat_sym.c
+++ b/drivers/crypto/qat/qat_sym.c
@@ -284,13 +284,15 @@ qat_sym_build_request(void *in_op, uint8_t *out_msg,
/* DOCSIS processing */
#ifdef RTE_LIBRTE_SECURITY
if (is_docsis_sec) {
- /* Check for OOP */
- if (unlikely((op->sym->m_dst != NULL) &&
+ /* Check for OOP or multi-segment buffers */
+ if (unlikely(((op->sym->m_dst != NULL) &&
(op->sym->m_dst !=
- op->sym->m_src))) {
+ op->sym->m_src)) ||
+ op->sym->m_src->nb_segs > 1)) {
QAT_DP_LOG(ERR,
- "OOP not supported for DOCSIS "
- "security");
+ "OOP and/or multi-segment "
+ "buffers are not supported for "
+ "DOCSIS security");
op->status =
RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
return -EINVAL;
--
2.17.1
next reply other threads:[~2020-07-16 15:57 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-16 15:33 David Coyle [this message]
2020-07-17 18:25 ` Trahe, Fiona
2020-07-18 21:29 ` Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200716153331.65689-1-david.coyle@intel.com \
--to=david.coyle@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=brendan.ryan@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
--cc=mairtin.oloingsigh@intel.com \
--cc=pablo.de.lara.guarch@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).