From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A7FC6A0505; Thu, 7 Apr 2022 17:29:41 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 5018A4068B; Thu, 7 Apr 2022 17:29:41 +0200 (CEST) Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mails.dpdk.org (Postfix) with ESMTP id CA8DD40689 for ; Thu, 7 Apr 2022 17:29:36 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1649345379; x=1680881379; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=UN2x6wBIB2nSCO5LWyTlAzcjTLCzahi9FShRB6H9wnI=; b=jEGYEo8HlgSVZ7LIhkX1iA03iR2Att8Ys7fQrwaYYEF6e1IxjgIPHaNd rkv6/qOwbLrJR3fe0MtVZl6L9UX61xDaEEUSD1JQNVBxsF5D4jIuvrF+t OTeLbBkC8iJYK4t6XRvEGors4gUNSFWJgA+aTeqP1SDjcP7BXq76PuI4c cVOcUcop9X6PlogI8KfSFjXTIpy3OC/I/mW3M4L7F7A3O4nyM6Sb75xdp ImaEjECo5N4IZTnXO0i++GbdtEcMK4tRddmIUvuCs/0RGH2Quux6gB77C Q0IIQq4MXthiPi4EZuVmSZ1xdPa37VQoIhCbqTaLeUJtOlxbv2Jk5+YOC w==; X-IronPort-AV: E=McAfee;i="6400,9594,10310"; a="261046891" X-IronPort-AV: E=Sophos;i="5.90,242,1643702400"; d="scan'208";a="261046891" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Apr 2022 08:29:35 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,242,1643702400"; d="scan'208";a="571102163" Received: from silpixa00400885.ir.intel.com ([10.243.23.101]) by orsmga008.jf.intel.com with ESMTP; 07 Apr 2022 08:29:34 -0700 From: Fan Zhang To: dev@dpdk.org Cc: kai.ji@intel.com, gakhil@marvell.com, pablo.de.lara.guarch@intel.com, Fan Zhang Subject: [PATCH] crypto/qat: use intel-ipsec-mb for partial hash Date: Thu, 7 Apr 2022 16:29:31 +0100 Message-Id: <20220407152931.8771-1-roy.fan.zhang@intel.com> X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Since openssl 3.0 now deprecates the low level API QAT required to perform partial hash operation when creating the session. This patch is to transfer such dependency from openssl to intel-ipsec-mb. Signed-off-by: Fan Zhang --- drivers/common/qat/meson.build | 10 +++ drivers/crypto/qat/qat_sym_session.c | 101 +++++---------------------- 2 files changed, 28 insertions(+), 83 deletions(-) diff --git a/drivers/common/qat/meson.build b/drivers/common/qat/meson.build index b7027f3164..d35fc69d96 100644 --- a/drivers/common/qat/meson.build +++ b/drivers/common/qat/meson.build @@ -35,6 +35,16 @@ if qat_crypto and not libcrypto.found() 'missing dependency, libcrypto') endif + +IMB_required_ver = '1.0.0' +libipsecmb = cc.find_library('IPSec_MB', required: false) +if not lib.found() + build = false + reason = 'missing dependency, "libIPSec_MB"' +else + ext_deps += libipsecmb +endif + # The driver should not build if both compression and crypto are disabled #FIXME common code depends on compression files so check only compress! if not qat_compress # and not qat_crypto diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index 9d6a19c0be..05a11db750 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -6,6 +6,7 @@ #include /* Needed to calculate pre-compute values */ #include /* Needed to calculate pre-compute values */ #include /* Needed for bpi runt block processing */ +#include #include #include @@ -1057,139 +1058,73 @@ static int qat_hash_get_block_size(enum icp_qat_hw_auth_algo qat_hash_alg) return -EFAULT; } -static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) -{ - SHA_CTX ctx; - - if (!SHA1_Init(&ctx)) - return -EFAULT; - SHA1_Transform(&ctx, data_in); - rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); - return 0; -} - -static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) -{ - SHA256_CTX ctx; - - if (!SHA224_Init(&ctx)) - return -EFAULT; - SHA256_Transform(&ctx, data_in); - rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); - return 0; -} - -static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) -{ - SHA256_CTX ctx; - - if (!SHA256_Init(&ctx)) - return -EFAULT; - SHA256_Transform(&ctx, data_in); - rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); - return 0; -} - -static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) -{ - SHA512_CTX ctx; - - if (!SHA384_Init(&ctx)) - return -EFAULT; - SHA512_Transform(&ctx, data_in); - rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); - return 0; -} - -static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) -{ - SHA512_CTX ctx; - - if (!SHA512_Init(&ctx)) - return -EFAULT; - SHA512_Transform(&ctx, data_in); - rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); - return 0; -} - -static int partial_hash_md5(uint8_t *data_in, uint8_t *data_out) -{ - MD5_CTX ctx; - - if (!MD5_Init(&ctx)) - return -EFAULT; - MD5_Transform(&ctx, data_in); - rte_memcpy(data_out, &ctx, MD5_DIGEST_LENGTH); - - return 0; -} - static int partial_hash_compute(enum icp_qat_hw_auth_algo hash_alg, uint8_t *data_in, uint8_t *data_out) { + IMB_MGR *m; + uint32_t *hash_state_out_be32; + uint64_t *hash_state_out_be64; int digest_size; uint8_t digest[qat_hash_get_digest_size( ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; - uint32_t *hash_state_out_be32; - uint64_t *hash_state_out_be64; int i; + hash_state_out_be32 = (uint32_t *)data_out; + hash_state_out_be64 = (uint64_t *)data_out; + /* Initialize to avoid gcc warning */ memset(digest, 0, sizeof(digest)); digest_size = qat_hash_get_digest_size(hash_alg); if (digest_size <= 0) return -EFAULT; + m = alloc_mb_mgr(0); + if (m == NULL) + return -ENOMEM; - hash_state_out_be32 = (uint32_t *)data_out; - hash_state_out_be64 = (uint64_t *)data_out; + init_mb_mgr_auto(m, NULL); switch (hash_alg) { case ICP_QAT_HW_AUTH_ALGO_SHA1: - if (partial_hash_sha1(data_in, digest)) - return -EFAULT; + IMB_SHA1_ONE_BLOCK(m, data_in, digest); for (i = 0; i < digest_size >> 2; i++, hash_state_out_be32++) *hash_state_out_be32 = rte_bswap32(*(((uint32_t *)digest)+i)); break; case ICP_QAT_HW_AUTH_ALGO_SHA224: - if (partial_hash_sha224(data_in, digest)) - return -EFAULT; + IMB_SHA224_ONE_BLOCK(m, data_in, digest); for (i = 0; i < digest_size >> 2; i++, hash_state_out_be32++) *hash_state_out_be32 = rte_bswap32(*(((uint32_t *)digest)+i)); break; case ICP_QAT_HW_AUTH_ALGO_SHA256: - if (partial_hash_sha256(data_in, digest)) - return -EFAULT; + IMB_SHA256_ONE_BLOCK(m, data_in, digest); for (i = 0; i < digest_size >> 2; i++, hash_state_out_be32++) *hash_state_out_be32 = rte_bswap32(*(((uint32_t *)digest)+i)); break; case ICP_QAT_HW_AUTH_ALGO_SHA384: - if (partial_hash_sha384(data_in, digest)) - return -EFAULT; + IMB_SHA384_ONE_BLOCK(m, data_in, digest); for (i = 0; i < digest_size >> 3; i++, hash_state_out_be64++) *hash_state_out_be64 = rte_bswap64(*(((uint64_t *)digest)+i)); break; case ICP_QAT_HW_AUTH_ALGO_SHA512: - if (partial_hash_sha512(data_in, digest)) - return -EFAULT; + IMB_SHA512_ONE_BLOCK(m, data_in, digest); for (i = 0; i < digest_size >> 3; i++, hash_state_out_be64++) *hash_state_out_be64 = rte_bswap64(*(((uint64_t *)digest)+i)); break; case ICP_QAT_HW_AUTH_ALGO_MD5: - if (partial_hash_md5(data_in, data_out)) - return -EFAULT; + IMB_MD5_ONE_BLOCK(m, data_in, data_out); break; default: QAT_LOG(ERR, "invalid hash alg %u", hash_alg); return -EFAULT; } + free_mb_mgr(m); return 0; } #define HMAC_IPAD_VALUE 0x36 -- 2.32.0