From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 1B7FE42CBA; Wed, 14 Jun 2023 20:23:35 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 98B8540E0F; Wed, 14 Jun 2023 20:23:34 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 458F440DDB for ; Wed, 14 Jun 2023 20:23:33 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 35EFRuCJ006099; Wed, 14 Jun 2023 11:23:32 -0700 Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2109.outbound.protection.outlook.com [104.47.58.109]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3r7dd2sj5h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 14 Jun 2023 11:23:31 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Uvmbgvr4XExT8M9BBjEezUB8GeXcbLCMhTcFkv71s9NcwPpePH+nl5wr+F/G5ZkgCD4Dqo0V6nL8JmxYAqHHWTQtWjUxv9t/kvgPfrxswmEepuwe+xlmv+yGTDHr0D5t/Rg2FiKGEhEC8SBc+qfur/wwhak7xrM8NnplH3Qs01TzmbCEdE/9LJIBRU2nJeRi5514RzViCeUvvTgfhyFf6CpwxM8DzXWKANZSUIBiePDqzLr4dN8MuvAWwaCq76fJhCUQcIRyn0jFjBwnb1x1wzMUsF/C4PwJR3tLoCqRvYRu/1Z39crdO8TI+vq90j7f7AXzgXTFGIKNvbzW9D1RVw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+MiAkUYzCJOVclVbT7aegRCSZnnJkVLD5Cjue2HaEtY=; b=LCvnCDOESFwU65/jxYnFkw/lQdCLq1UMMfgdagmJmJFvz1DLzmnamMjHgD99IOtWIpVDxciv0hJasWQ1ZLrQZGwVnqq+/JiNJyr9/9mN6n6Pvl/oLnfTcTWff2pfl2pM2FIopFqvfkO4swsi9EVeTRaSaO1GWOqwJ2JSazzy7KZyZ9jSxdd3vHZbtwecuxwjPEWcBSxVCqOr0xfF6NKIdmRqZXfN3EF+1kUDTn9ySmEfacMVt5vYsLs5eXJxf5w+wj27+zm1ixtGnC61u6guGW/4WB2ZcgYkLjGqlsonX4gmFguD8fokRfPRHolMdMDL2Zv7sjrqtlWCdHj4/X7bLQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+MiAkUYzCJOVclVbT7aegRCSZnnJkVLD5Cjue2HaEtY=; b=FOLrFvgTR4C1RALYTL7vA9oNLkZZEoCJ8KE5CekPqt1XQhBCrTW1faW53LKS4wTFgt/RDSfWw+BlrOslxygexWMhnS/Qf/3/vYtFJ17aghGeVpa74emaHRFEJjJblGioqBVDOoV+Y90VDHSPL8j3qwbiZhgF5oOxzgrV+5DWiIU= Received: from CO6PR18MB4484.namprd18.prod.outlook.com (2603:10b6:5:359::9) by CO6PR18MB3812.namprd18.prod.outlook.com (2603:10b6:5:341::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6477.37; Wed, 14 Jun 2023 18:23:26 +0000 Received: from CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::54d9:e505:2edc:111a]) by CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::54d9:e505:2edc:111a%7]) with mapi id 15.20.6477.037; Wed, 14 Jun 2023 18:23:27 +0000 From: Akhil Goyal To: Brian Dooley , Kai Ji CC: "dev@dpdk.org" , "pablo.de.lara.guarch@intel.com" Subject: RE: [EXT] [PATCH v5] crypto/qat: default to IPsec MB for computations Thread-Topic: [EXT] [PATCH v5] crypto/qat: default to IPsec MB for computations Thread-Index: AQHZmGGj0PRzQUjzP0GXgWOP7Jj5P6+KqRzA Date: Wed, 14 Jun 2023 18:23:27 +0000 Message-ID: References: <20230526102650.774625-1-brian.dooley@intel.com> <20230606102820.356924-1-brian.dooley@intel.com> In-Reply-To: <20230606102820.356924-1-brian.dooley@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-dg-rorf: true x-dg-ref: =?us-ascii?Q?PG1ldGE+PGF0IG5tPSJib2R5LnR4dCIgcD0iYzpcdXNlcnNcZ2FraGlsXGFw?= =?us-ascii?Q?cGRhdGFccm9hbWluZ1wwOWQ4NDliNi0zMmQzLTRhNDAtODVlZS02Yjg0YmEy?= =?us-ascii?Q?OWUzNWJcbXNnc1xtc2ctOGFmZGQxNjAtMGFlMC0xMWVlLWEwOTUtOTRlNmY3?= =?us-ascii?Q?NjYxOTA3XGFtZS10ZXN0XDhhZmRkMTYyLTBhZTAtMTFlZS1hMDk1LTk0ZTZm?= =?us-ascii?Q?NzY2MTkwN2JvZHkudHh0IiBzej0iNTI2MzUiIHQ9IjEzMzMxMjQwNjAyNjUx?= =?us-ascii?Q?MDQ5OSIgaD0iSmJtSHNnUmppdFpnMGFxbUlmOEUwc0Y5MnZnPSIgaWQ9IiIg?= =?us-ascii?Q?Ymw9IjAiIGJvPSIxIiBjaT0iY0FBQUFFUkhVMVJTUlVGTkNnVUFBTjRQQUFD?= =?us-ascii?Q?ajRGeE43WjdaQVI3d2tKV0ZUUklrSHZDUWxZVk5FaVFaQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUhBQUFBQnVEd0FBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUVBQVFFQkFBQUFJN3FUcEFDQUFRQUFBQUFBQUFBQUFKNEFBQUJoQUdRQVpB?= =?us-ascii?Q?QnlBR1VBY3dCekFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?RUFBQUFBQUFBQUFnQUFBQUFBbmdBQUFHTUFkUUJ6QUhRQWJ3QnRBRjhBY0FC?= =?us-ascii?Q?bEFISUFjd0J2QUc0QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQVFBQUFBQUFBQUFDQUFB?= =?us-ascii?Q?QUFBQ2VBQUFBWXdCMUFITUFkQUJ2QUcwQVh3QndBR2dBYndCdUFHVUFiZ0Ix?= =?us-ascii?Q?QUcwQVlnQmxBSElBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QkFBQUFBQUFBQUFBQUFBQUJBQUFBQUFBQUFBSUFBQUFBQUo0QUFBQmpBSFVB?= =?us-ascii?Q?Y3dCMEFHOEFiUUJmQUhNQWN3QnVBRjhBWkFCaEFITUFhQUJmQUhZQU1BQXlB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= x-dg-refone: =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBQUFBQUFBQWdBQUFBQUFuZ0FBQUdN?= =?us-ascii?Q?QWRRQnpBSFFBYndCdEFGOEFjd0J6QUc0QVh3QnJBR1VBZVFCM0FHOEFjZ0Jr?= =?us-ascii?Q?QUhNQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBUUFBQUFBQUFBQUNBQUFBQUFDZUFBQUFZd0IxQUhNQWRBQnZBRzBB?= =?us-ascii?Q?WHdCekFITUFiZ0JmQUc0QWJ3QmtBR1VBYkFCcEFHMEFhUUIwQUdVQWNnQmZB?= =?us-ascii?Q?SFlBTUFBeUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQkFBQUFBQUFB?= =?us-ascii?Q?QUFJQUFBQUFBSjRBQUFCakFIVUFjd0IwQUc4QWJRQmZBSE1BY3dCdUFGOEFj?= =?us-ascii?Q?d0J3QUdFQVl3QmxBRjhBZGdBd0FESUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUVBQUFBQUFBQUFBZ0FBQUFBQW5nQUFB?= =?us-ascii?Q?R1FBYkFCd0FGOEFjd0JyQUhrQWNBQmxBRjhBWXdCb0FHRUFkQUJmQUcwQVpR?= =?us-ascii?Q?QnpBSE1BWVFCbkFHVUFYd0IyQURBQU1nQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFRQUFBQUFBQUFBQ0FBQUFBQUNlQUFBQVpBQnNBSEFBWHdCekFH?= =?us-ascii?Q?d0FZUUJqQUdzQVh3QmpBR2dBWVFCMEFGOEFiUUJsQUhNQWN3QmhBR2NBWlFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= x-dg-reftwo: =?us-ascii?Q?QUFBQUFBQUFBQUFCQUFBQUFBQUFBQUlBQUFBQUFKNEFBQUJrQUd3QWNBQmZB?= =?us-ascii?Q?SFFBWlFCaEFHMEFjd0JmQUc4QWJnQmxBR1FBY2dCcEFIWUFaUUJmQUdZQWFR?= =?us-ascii?Q?QnNBR1VBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBRUFB?= =?us-ascii?Q?QUFBQUFBQUFnQUFBQUFBbmdBQUFHVUFiUUJoQUdrQWJBQmZBR0VBWkFCa0FI?= =?us-ascii?Q?SUFaUUJ6QUhNQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQVFBQUFBQUFBQUFDQUFBQUFB?= =?us-ascii?Q?Q2VBQUFBYlFCaEFISUFkZ0JsQUd3QVh3QndBSElBYndCcUFHVUFZd0IwQUY4?= =?us-ascii?Q?QWJnQmhBRzBBWlFCekFGOEFZd0J2QUc0QVpnQnBBR1FBWlFCdUFIUUFhUUJo?= =?us-ascii?Q?QUd3QVh3QmhBR3dBYndCdUFHVUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUJBQUFBQUFBQUFBSUFBQUFBQUo0QUFBQnRBR0VBY2dC?= =?us-ascii?Q?MkFHVUFiQUJmQUhBQWNnQnZBR29BWlFCakFIUUFYd0J1QUdFQWJRQmxBSE1B?= =?us-ascii?Q?WHdCeUFHVUFjd0IwQUhJQWFRQmpBSFFBWlFCa0FGOEFZUUJzQUc4QWJnQmxB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFF?= =?us-ascii?Q?QUFBQUFBQUFBQWdBQUFBQUFuZ0FBQUcwQVlRQnlBSFlBWlFCc0FGOEFjQUJ5?= =?us-ascii?Q?QUc4QWFnQmxBR01BZEFCZkFHNEFZUUJ0QUdVQWN3QmZBSElBWlFCekFIUUFj?= =?us-ascii?Q?Z0JwQUdNQWRBQmxBR1FBWHdCb0FHVUFlQUJqQUc4QVpBQmxBSE1BQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBUUFBQUFBQUFBQUNBQUFB?= =?us-ascii?Q?QUFDZUFBQUFiUUJoQUhJQWRnQmxBR3dBYkFCZkFHRUFjZ0J0QUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= x-dg-refthree: =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFDQUFBQUFBQUFBQUFBQUFBQkFBQUFBQUFBQUFJ?= =?us-ascii?Q?QUFBQUFBSjRBQUFCdEFHRUFjZ0IyQUdVQWJBQnNBRjhBWndCdkFHOEFad0Jz?= =?us-ascii?Q?QUdVQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUVBQUFBQUFBQUFBZ0FBQUFBQW5nQUFBRzBB?= =?us-ascii?Q?WVFCeUFIWUFaUUJzQUd3QVh3QndBSElBYndCcUFHVUFZd0IwQUY4QVl3QnZB?= =?us-ascii?Q?R1FBWlFCekFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFRQUFBQUFBQUFBQ0FBQUFBQUNlQUFBQWJRQmhBSElBZGdCbEFHd0Fi?= =?us-ascii?Q?QUJmQUhBQWNnQnZBR29BWlFCakFIUUFYd0JqQUc4QVpBQmxBSE1BWHdCa0FH?= =?us-ascii?Q?a0FZd0IwQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFCQUFBQUFBQUFB?= =?us-ascii?Q?QUlBQUFBQUFKNEFBQUJ0QUdFQWNnQjJBR1VBYkFCc0FGOEFjQUJ5QUc4QWFn?= =?us-ascii?Q?QmxBR01BZEFCZkFHNEFZUUJ0QUdVQWN3QmZBR01BYndCdUFHWUFhUUJrQUdV?= =?us-ascii?Q?QWJnQjBBR2tBWVFCc0FGOEFiUUJoQUhJQWRnQmxBR3dBYkFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBRUFBQUFBQUFBQUFnQUFBQUFBbmdBQUFH?= =?us-ascii?Q?MEFZUUJ5QUhZQVpRQnNBR3dBWHdCd0FISUFid0JxQUdVQVl3QjBBRjhBYmdC?= =?us-ascii?Q?aEFHMEFaUUJ6QUY4QVl3QnZBRzRBWmdCcEFHUUFaUUJ1QUhRQWFRQmhBR3dB?= =?us-ascii?Q?WHdCdEFHRUFjZ0IyQUdVQWJBQnNBRjhBYndCeUFGOEFZUUJ5QUcwQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= x-dg-reffour: =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQVFBQUFBQUFBQUFDQUFBQUFBQ2VB?= =?us-ascii?Q?QUFBYlFCaEFISUFkZ0JsQUd3QWJBQmZBSEFBY2dCdkFHb0FaUUJqQUhRQVh3?= =?us-ascii?Q?QnVBR0VBYlFCbEFITUFYd0JqQUc4QWJnQm1BR2tBWkFCbEFHNEFkQUJwQUdF?= =?us-ascii?Q?QWJBQmZBRzBBWVFCeUFIWUFaUUJzQUd3QVh3QnZBSElBWHdCbkFHOEFid0Ju?= =?us-ascii?Q?QUd3QVpRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUJBQUFBQUFBQUFBSUFBQUFBQUo0QUFBQnRBR0VBY2dCMkFH?= =?us-ascii?Q?VUFiQUJzQUY4QWNBQnlBRzhBYWdCbEFHTUFkQUJmQUc0QVlRQnRBR1VBY3dC?= =?us-ascii?Q?ZkFISUFaUUJ6QUhRQWNnQnBBR01BZEFCbEFHUUFYd0J0QUdFQWNnQjJBR1VB?= =?us-ascii?Q?YkFCc0FBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFB?= =?us-ascii?Q?QUFBQUFBQWdBQUFBQUFuZ0FBQUcwQVlRQnlBSFlBWlFCc0FHd0FYd0J3QUhJ?= =?us-ascii?Q?QWJ3QnFBR1VBWXdCMEFGOEFiZ0JoQUcwQVpRQnpBRjhBY2dCbEFITUFkQUJ5?= =?us-ascii?Q?QUdrQVl3QjBBR1VBWkFCZkFHMEFZUUJ5QUhZQVpRQnNBR3dBWHdCdkFISUFY?= =?us-ascii?Q?d0JoQUhJQWJRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBUUFBQUFBQUFBQUNBQUFBQUFD?= =?us-ascii?Q?ZUFBQUFiUUJoQUhJQWRnQmxBR3dBYkFCZkFIUUFaUUJ5QUcwQWFRQnVBSFVB?= =?us-ascii?Q?Y3dBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQkFBQUFBQUFBQUFJQUFBQUFBSjRBQUFCdEFHRUFjZ0Iy?= =?us-ascii?Q?QUdVQWJBQnNBRjhBZHdCdkFISUFaQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUVB?= =?us-ascii?Q?QUFBQUFBQUFBZ0FBQUFBQSIvPjwvbWV0YT4=3D?= x-ms-publictraffictype: Email x-ms-traffictypediagnostic: CO6PR18MB4484:EE_|CO6PR18MB3812:EE_ x-ms-office365-filtering-correlation-id: 680b54b2-4f4b-4a83-7124-08db6d047288 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: PyvCii+Uncwz0OUd36lIj+othn4ZS9zd7ZLfVnljAB0CSjbH3QR8eBhYkoQJ3fA7G1CUynXY4tE6tBa7gqoXeH+BMa6WN3vvMdBYfT9++dgOPD4ReQZXkiXaAxGDTbZ6fxfAv9P2H1YzyDZTTHQ97EJgMEmddISeRMhvXLMn9EvoyQx4sU3PUAfMM+39VFvJZS6+cJ8bEb0WcQuXHOBIXaGplpIC3l9M/1Z5x4/pD+WvgftO5IpSNh5fQOjI4njNYNIJ33+Cie3rRjeSVyV5PH58AnBaoTgUIXR2cYkzU6F3/orRB4y69Y7yckMsSVhKJsVLU8FXSbq5qkc87rnt7fdmeKq1rFn0ms8OFWO1iDPqCUGt+0gS+pNlh2UgaiV65iu0vwN6APcHqyiy257f5ImQtjiV+/6Gi2jd2yR737ZwTJiElhBV/Qhs5Ut72Xpr+r5MArVRzKtauzs7kiEHsY68HycjUwj75VU2trPB+dzE+xPvtEFSs8WVU9Tusl1rQ5ZLXA4aBD0o4ASEYKPxkw2X5i9udMDDULrVi/2I6g+dy+i/IX39xLzvVLUZ/CfkqNQ4RTQNc8kR9RatH4E4Hdnpx2fxj56cF1FyLMPtkUlUUEnAFPgNPtXLKJ+yshCC x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR18MB4484.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(376002)(396003)(39860400002)(136003)(366004)(346002)(451199021)(2906002)(30864003)(33656002)(86362001)(38070700005)(52536014)(55016003)(7696005)(83380400001)(186003)(26005)(9686003)(6506007)(55236004)(5660300002)(122000001)(71200400001)(478600001)(110136005)(54906003)(66946007)(66556008)(66476007)(4326008)(64756008)(66446008)(76116006)(316002)(38100700002)(8676002)(41300700001)(8936002)(559001)(579004); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?AeNElCFTEZpkVb1iBnOaj+5RUOtCwMTIwZLjv1C34D63qCPbou2VGg+oBykM?= =?us-ascii?Q?K2+c32sHhQZQdnJ/O3BhmwN04Uqv/Vf1AmxEWz4WmjNh04jIiOKLt6uWDm3T?= =?us-ascii?Q?3I8N3bJyPxWRBu7WrlG1bKVG8onojM+GFdquVPrcyYmPr86vOiQ4EYd+e9xD?= =?us-ascii?Q?D4zgnWbKiJEcjt0h06GC+UTPjMbZ+eett5JwFc5nJgL0wC9BaI4fZoCLPmOy?= =?us-ascii?Q?QliovLBbDliJyl1QJ1jhcBdCmUao1NiHhQzN/9mQyRR4KDSgd1aaVxwXZ7oT?= =?us-ascii?Q?/2ZQ5wFKkza1fTUjn0H3e+/HaT39SIxfk53O4163OCRIWUjcRpSeePiFyijj?= =?us-ascii?Q?7Qa2lGrzad4ISgYnodX+4NcSZs92d0NTTR3fn07km1WSedxawnx8V8OhQr5i?= =?us-ascii?Q?dC6Tuc4/ZMy8WMRyQt1ez/os0xSDmgjsCVCu6FQYuXBt8u8GizEvgV8e3i81?= =?us-ascii?Q?Z1xqvWimlxslGPe4aKDaoAtK9mwYoh50sF+kVSV50dVAQoCvCHaVC08EQkrZ?= =?us-ascii?Q?btngYp4eum/iM4fGsaUsPSGsHXd2n6ZRk9UK1MVGjDDwxGzeEVjJdmkFByHF?= =?us-ascii?Q?sKF5IUwZknQDT21UNeClE9ydDxvxdQHH5GCauKYnUOJAZVx+Ycs9jS6i9bSl?= =?us-ascii?Q?7PPpSlgui+jTzWPCGzzVZPtuAD38qbr9POEflQSs2nfsd2TA1sOuaLK0VQRg?= =?us-ascii?Q?NmPAaZ04pzRl4Okrjv82p0l3CdyopzDM69g3tvRI/Z6uGzlrS6S4j52ldCxf?= =?us-ascii?Q?5yArJNLUCNZZADHU5Gt8F7w5tGaEXlkhiBC2Tzi6VJT5qc7sgx2hPj/JWcNM?= =?us-ascii?Q?0c8DHSl3usMjZoP31zhsGN6qVDEjS25lLOWwefQ+xrnWieui6yoaN5zDmicb?= =?us-ascii?Q?UIVrb6LHR5T7qKMs6hl7u/kPbTXxE8cFHc9tIljiJiXD3i9gyh2apkUKQqow?= =?us-ascii?Q?Rv35lpeRda8Erm5eeeWlyDl9nIAsubDn45QWFH6ibAXzRZvE4KaXc3BLMn3Y?= =?us-ascii?Q?Ili9ewixGnMBSJe2UADnoZgyecAcIQuZl4+jXjq4nIY/loHpo5rmkZPkEF46?= =?us-ascii?Q?V4P0CQqHyoqf5YGyT7dfInfT7TDlcQBCHv2wAEm0duV9av6TtxrsqGYO8ZcE?= =?us-ascii?Q?BP5FMwXvDx/NAcnjuxUYvbqhBodHpE7Gx6qO0uZ9oPcz6r31CoHPJdRt5xYA?= =?us-ascii?Q?V1d+LiXwbcBh0EeW7qMJPoQbp16BbQmETybbQUv2C4DbgiOV2rgTYbLGY/OL?= =?us-ascii?Q?pwHSxqnyI2OxuB9CpaLJF7tyJ2Nawd3T2ymz4y7ndee5V4NcUtbPoQaBFw6w?= =?us-ascii?Q?GPStFF6G1/kzVMQRhmGrmvEVi5E/ArSFB3YUkrmmmOS7R6LhzsTGUnZvNqPs?= =?us-ascii?Q?1haHT+XwguSBKfm6hgWY2SCCp9xvdrKWqOJNS34wU6uaNJPNUfQW8ORTNEoO?= =?us-ascii?Q?h6yKjAKV+vxGHPJ57wRcEb6xncAHqbUX7GtnHUi0P62ytjvIKbYAJMssRgUq?= =?us-ascii?Q?v0lHcqoDxhefo9FVNfp8nNjdCq5/U3fpcsWQ4kN9lLVkaEU0vR/u30Z9sOb8?= =?us-ascii?Q?t8iZdCpkrul90UJcW/5i3AxCBxv50F1FOGzLnVkT?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR18MB4484.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 680b54b2-4f4b-4a83-7124-08db6d047288 X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Jun 2023 18:23:27.1852 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: D/weRxFRjic6b9q3YXxKYcXhVPXuXy5hGcm667ttmq62Sm/jquEkuRgPRBqqp2dNWIgY1GZJQFO1voIXrjBgyA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO6PR18MB3812 X-Proofpoint-GUID: JdWsEFBDql9CkhhGdY-L2ae6SKSrLsqD X-Proofpoint-ORIG-GUID: JdWsEFBDql9CkhhGdY-L2ae6SKSrLsqD X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26 definitions=2023-06-14_13,2023-06-14_02,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > -IMB_required_ver =3D '1.2.0' > +IMB_required_ver =3D '1.4.0' > IMB_header =3D '#include' > if arch_subdir =3D=3D 'arm' > IMB_header =3D '#include' > endif I believe there are compilation issues with arm repo for 1.4 version. It is better to fix that first before making this to default. > libipsecmb =3D cc.find_library('IPSec_MB', required: false) > -libcrypto_3 =3D dependency('libcrypto', required: false, > - method: 'pkg-config', version : '>=3D3.0.0') > -if libipsecmb.found() and libcrypto_3.found() > +if libipsecmb.found() > # version comes with quotes, so we split based on " and take the mid= dle > imb_ver =3D cc.get_define('IMB_VERSION_STR', > prefix : IMB_header).split('"')[1] >=20 > if (imb_ver.version_compare('>=3D' + IMB_required_ver)) > ext_deps +=3D libipsecmb > - dpdk_conf.set('RTE_QAT_LIBIPSECMB', true) > + elif libcrypto.found() > + ext_deps +=3D libcrypto > + dpdk_conf.set('RTE_QAT_OPENSSL', true) > + else > + qat_crypto =3D false > + dpdk_drvs_disabled +=3D qat_crypto_path > + set_variable(qat_crypto_path.underscorify() + '_disable_reason', > + 'missing dependency, libipsecmb or libcrypto') > endif > +elif libcrypto.found() > + ext_deps +=3D libcrypto > + dpdk_conf.set('RTE_QAT_OPENSSL', true) > +else > + qat_crypto =3D false > + dpdk_drvs_disabled +=3D qat_crypto_path > + set_variable(qat_crypto_path.underscorify() + '_disable_reason', > + 'missing dependency, libipsecmb or libcrypto') > endif >=20 > # The driver should not build if both compression and crypto are disable= d > @@ -103,6 +110,5 @@ if qat_crypto > sources +=3D files(join_paths(qat_crypto_relpath, f)) > endforeach > deps +=3D ['security'] > - ext_deps +=3D libcrypto > cflags +=3D ['-DBUILD_QAT_SYM', '-DBUILD_QAT_ASYM'] > endif > diff --git a/drivers/common/qat/qat_device.c > b/drivers/common/qat/qat_device.c > index 0479175b65..20e56b5cf2 100644 > --- a/drivers/common/qat/qat_device.c > +++ b/drivers/common/qat/qat_device.c > @@ -371,7 +371,6 @@ static int qat_pci_probe(struct rte_pci_driver *pci_d= rv > __rte_unused, > struct qat_pci_device *qat_pci_dev; > struct qat_dev_hw_spec_funcs *ops_hw; > struct qat_dev_cmd_param qat_dev_cmd_param[] =3D { > - { QAT_IPSEC_MB_LIB, 0 }, > { SYM_ENQ_THRESHOLD_NAME, 0 }, > { ASYM_ENQ_THRESHOLD_NAME, 0 }, > { COMP_ENQ_THRESHOLD_NAME, 0 }, > diff --git a/drivers/common/qat/qat_device.h > b/drivers/common/qat/qat_device.h > index 4188474dde..0cfe8654b1 100644 > --- a/drivers/common/qat/qat_device.h > +++ b/drivers/common/qat/qat_device.h > @@ -17,13 +17,12 @@ >=20 > #define QAT_DEV_NAME_MAX_LEN 64 >=20 > -#define QAT_IPSEC_MB_LIB "qat_ipsec_mb_lib" > #define SYM_ENQ_THRESHOLD_NAME "qat_sym_enq_threshold" > #define ASYM_ENQ_THRESHOLD_NAME "qat_asym_enq_threshold" > #define COMP_ENQ_THRESHOLD_NAME "qat_comp_enq_threshold" > #define SYM_CIPHER_CRC_ENABLE_NAME "qat_sym_cipher_crc_enable" > #define QAT_CMD_SLICE_MAP "qat_cmd_slice_disable" > -#define QAT_CMD_SLICE_MAP_POS 5 > +#define QAT_CMD_SLICE_MAP_POS 4 > #define MAX_QP_THRESHOLD_SIZE 32 >=20 > /** > diff --git a/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h > b/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h > index e8e92e22d4..7776763356 100644 > --- a/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h > +++ b/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h > @@ -82,8 +82,13 @@ qat_bpicipher_preprocess(struct qat_sym_session *ctx, > QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: dst before pre- > process:", > dst, last_block_len); > #endif > +#ifdef RTE_QAT_OPENSSL > op_bpi_cipher_decrypt(last_block, dst, iv, block_len, > last_block_len, ctx->bpi_ctx); > +#else > + bpi_cipher_ipsec(last_block, dst, iv, last_block_len, ctx- > >expkey, > + ctx->mb_mgr, ctx->docsis_key_len); > +#endif > #if RTE_LOG_DP_LEVEL >=3D RTE_LOG_DEBUG > QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: src after pre-process:", > last_block, last_block_len); > @@ -231,7 +236,12 @@ qat_sym_convert_op_to_vec_cipher(struct > rte_crypto_op *op, > cipher_ofs =3D op->sym->cipher.data.offset >> 3; > break; > case 0: > + > +#ifdef RTE_QAT_OPENSSL > if (ctx->bpi_ctx) { > +#else > + if (ctx->mb_mgr) { > +#endif > /* DOCSIS - only send complete blocks to device. > * Process any partial block using CFB mode. > * Even if 0 complete blocks, still send this to device > diff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c > index 345c845325..b93908f007 100644 > --- a/drivers/crypto/qat/qat_sym.c > +++ b/drivers/crypto/qat/qat_sym.c > @@ -1,5 +1,5 @@ > /* SPDX-License-Identifier: BSD-3-Clause > - * Copyright(c) 2015-2022 Intel Corporation > + * Copyright(c) 2015-2023 Intel Corporation > */ >=20 > #include > @@ -16,7 +16,6 @@ > #include "qat_qp.h" >=20 > uint8_t qat_sym_driver_id; > -int qat_ipsec_mb_lib; >=20 > struct qat_crypto_gen_dev_ops qat_sym_gen_dev_ops[QAT_N_GENS]; >=20 > @@ -110,7 +109,11 @@ qat_sym_build_request(void *in_op, uint8_t > *out_msg, > struct rte_cryptodev *cdev; > struct qat_cryptodev_private *internals; >=20 > +#ifdef RTE_QAT_OPENSSL > if (unlikely(ctx->bpi_ctx =3D=3D NULL)) { > +#else > + if (unlikely(ctx->mb_mgr =3D=3D NULL)) { > +#endif > QAT_DP_LOG(ERR, "QAT PMD only supports > security" > " operation requests for" > " DOCSIS, op (%p) is not for" > @@ -283,8 +286,6 @@ qat_sym_dev_create(struct qat_pci_device > *qat_pci_dev, > SYM_CIPHER_CRC_ENABLE_NAME)) > internals->cipher_crc_offload_enable =3D > qat_dev_cmd_param[i].val; > - if (!strcmp(qat_dev_cmd_param[i].name, QAT_IPSEC_MB_LIB)) > - qat_ipsec_mb_lib =3D qat_dev_cmd_param[i].val; > if (!strcmp(qat_dev_cmd_param[i].name, > QAT_CMD_SLICE_MAP)) > slice_map =3D qat_dev_cmd_param[i].val; > i++; > diff --git a/drivers/crypto/qat/qat_sym.h b/drivers/crypto/qat/qat_sym.h > index 3d841d0eba..341016dcf3 100644 > --- a/drivers/crypto/qat/qat_sym.h > +++ b/drivers/crypto/qat/qat_sym.h > @@ -164,6 +164,20 @@ bpi_cipher_encrypt(uint8_t *src, uint8_t *dst, > return -EINVAL; > } >=20 > +#ifndef RTE_QAT_OPENSSL > +static __rte_always_inline void > +bpi_cipher_ipsec(uint8_t *src, uint8_t *dst, uint8_t *iv, int srclen, > + uint64_t *expkey, IMB_MGR *m, uint8_t docsis_key_len) > +{ > + if (docsis_key_len =3D=3D ICP_QAT_HW_AES_128_KEY_SZ) > + IMB_AES128_CFB_ONE(m, dst, src, (uint64_t *)iv, expkey, > srclen); > + else if (docsis_key_len =3D=3D ICP_QAT_HW_AES_256_KEY_SZ) > + IMB_AES256_CFB_ONE(m, dst, src, (uint64_t *)iv, expkey, > srclen); > + else if (docsis_key_len =3D=3D ICP_QAT_HW_DES_KEY_SZ) > + des_cfb_one(dst, src, (uint64_t *)iv, expkey, srclen); > +} > +#endif > + > static inline uint32_t > qat_bpicipher_postprocess(struct qat_sym_session *ctx, > struct rte_crypto_op *op) > @@ -208,8 +222,13 @@ qat_bpicipher_postprocess(struct qat_sym_session > *ctx, > "BPI: dst before post-process:", > dst, last_block_len); > #endif > +#ifdef RTE_QAT_OPENSSL > bpi_cipher_encrypt(last_block, dst, iv, block_len, > last_block_len, ctx->bpi_ctx); > +#else > + bpi_cipher_ipsec(last_block, dst, iv, last_block_len, ctx- > >expkey, > + ctx->mb_mgr, ctx->docsis_key_len); > +#endif > #if RTE_LOG_DP_LEVEL >=3D RTE_LOG_DEBUG > QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: src after post-process:", > last_block, last_block_len); > @@ -280,7 +299,11 @@ qat_sym_preprocess_requests(void **ops, uint16_t > nb_ops) > if (op->sess_type =3D=3D RTE_CRYPTO_OP_SECURITY_SESSION) { > ctx =3D SECURITY_GET_SESS_PRIV(op->sym->session); >=20 > +#ifdef RTE_QAT_OPENSSL > if (ctx =3D=3D NULL || ctx->bpi_ctx =3D=3D NULL) > +#else > + if (ctx =3D=3D NULL || ctx->mb_mgr =3D=3D NULL) > +#endif > continue; >=20 > if (ctx->qat_cmd !=3D > ICP_QAT_FW_LA_CMD_CIPHER_CRC) > @@ -329,7 +352,11 @@ qat_sym_process_response(void **op, uint8_t *resp, > void *op_cookie, > } else { > rx_op->status =3D RTE_CRYPTO_OP_STATUS_SUCCESS; >=20 > +#ifdef RTE_QAT_OPENSSL > if (sess->bpi_ctx) { > +#else > + if (sess->mb_mgr) { > +#endif > qat_bpicipher_postprocess(sess, rx_op); > #ifdef RTE_LIB_SECURITY > if (is_docsis_sec && sess->qat_cmd !=3D > diff --git a/drivers/crypto/qat/qat_sym_session.c > b/drivers/crypto/qat/qat_sym_session.c > index 9babf13b66..da9a50dd49 100644 > --- a/drivers/crypto/qat/qat_sym_session.c > +++ b/drivers/crypto/qat/qat_sym_session.c > @@ -9,8 +9,7 @@ > #include /* Needed to calculate pre-compute values */ > #include /* Needed for bpi runt block processing */ >=20 > -#ifdef RTE_QAT_LIBIPSECMB > -#define NO_COMPAT_IMB_API_053 > +#ifndef RTE_QAT_OPENSSL > #if defined(RTE_ARCH_ARM) > #include > #else > @@ -34,6 +33,7 @@ > #include "qat_sym_session.h" > #include "qat_sym.h" >=20 > +#ifdef RTE_QAT_OPENSSL > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > #include >=20 > @@ -66,8 +66,7 @@ static void ossl_legacy_provider_unload(void) > OSSL_PROVIDER_unload(default_lib); > } > #endif > - > -extern int qat_ipsec_mb_lib; > +#endif >=20 > #define ETH_CRC32_POLYNOMIAL 0x04c11db7 > #define ETH_CRC32_INIT_VAL 0xffffffff > @@ -146,6 +145,7 @@ qat_sym_session_finalize(struct qat_sym_session > *session) > qat_sym_session_init_common_hdr(session); > } >=20 > +#ifdef RTE_QAT_OPENSSL > /** Frees a context previously created > * Depends on openssl libcrypto > */ > @@ -196,6 +196,51 @@ bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm > cryptodev_algo, > } > return ret; > } > +#endif > + > +#ifndef RTE_QAT_OPENSSL > +/** Creates a context in either AES or DES in ECB mode > + */ > +static int > +ipsec_mb_ctx_init(const uint8_t *key, uint16_t key_length, > + enum rte_crypto_cipher_algorithm cryptodev_algo, > + uint64_t *expkey, uint32_t *dust, IMB_MGR **m) > +{ > + int ret; > + > + *m =3D alloc_mb_mgr(0); > + if (*m =3D=3D NULL) > + return -ENOMEM; > + > + init_mb_mgr_auto(*m, NULL); > + > + if (cryptodev_algo =3D=3D RTE_CRYPTO_CIPHER_AES_DOCSISBPI) { > + if (key_length =3D=3D ICP_QAT_HW_AES_128_KEY_SZ) > + IMB_AES_KEYEXP_128(*m, key, expkey, dust); > + else if (key_length =3D=3D ICP_QAT_HW_AES_256_KEY_SZ) > + IMB_AES_KEYEXP_256(*m, key, expkey, dust); > + else { > + ret =3D -EFAULT; > + goto error_out; > + } > + } else if (cryptodev_algo =3D=3D RTE_CRYPTO_CIPHER_DES_DOCSISBPI) { > + if (key_length =3D=3D ICP_QAT_HW_DES_KEY_SZ) > + IMB_DES_KEYSCHED(*m, (uint64_t *)expkey, key); > + else { > + ret =3D -EFAULT; > + goto error_out; > + } > + } > + return 0; > + > +error_out: > + if (*m) { > + free_mb_mgr(*m); > + *m =3D NULL; > + } > + return ret; > +} > +#endif >=20 > static int > qat_is_cipher_alg_supported(enum rte_crypto_cipher_algorithm algo, > @@ -245,8 +290,13 @@ qat_sym_session_clear(struct rte_cryptodev *dev > __rte_unused, > { > struct qat_sym_session *s =3D CRYPTODEV_GET_SYM_SESS_PRIV(sess); >=20 > +#ifdef RTE_QAT_OPENSSL > if (s->bpi_ctx) > bpi_cipher_ctx_free(s->bpi_ctx); > +#else > + if (s->mb_mgr) > + free_mb_mgr(s->mb_mgr); > +#endif > } >=20 > static int > @@ -409,12 +459,23 @@ qat_sym_session_configure_cipher(struct > rte_cryptodev *dev, > session->qat_mode =3D ICP_QAT_HW_CIPHER_CTR_MODE; > break; > case RTE_CRYPTO_CIPHER_DES_DOCSISBPI: > +#ifdef RTE_QAT_OPENSSL > ret =3D bpi_cipher_ctx_init( > cipher_xform->algo, > cipher_xform->op, > cipher_xform->key.data, > cipher_xform->key.length, > &session->bpi_ctx); > +#else > + session->docsis_key_len =3D cipher_xform->key.length; > + ret =3D ipsec_mb_ctx_init( > + cipher_xform->key.data, > + cipher_xform->key.length, > + cipher_xform->algo, > + session->expkey, > + session->dust, > + &session->mb_mgr); > +#endif > if (ret !=3D 0) { > QAT_LOG(ERR, "failed to create DES BPI ctx"); > goto error_out; > @@ -428,12 +489,23 @@ qat_sym_session_configure_cipher(struct > rte_cryptodev *dev, > session->qat_mode =3D ICP_QAT_HW_CIPHER_CBC_MODE; > break; > case RTE_CRYPTO_CIPHER_AES_DOCSISBPI: > +#ifdef RTE_QAT_OPENSSL > ret =3D bpi_cipher_ctx_init( > cipher_xform->algo, > cipher_xform->op, > cipher_xform->key.data, > cipher_xform->key.length, > &session->bpi_ctx); > +#else > + session->docsis_key_len =3D cipher_xform->key.length; > + ret =3D ipsec_mb_ctx_init( > + cipher_xform->key.data, > + cipher_xform->key.length, > + cipher_xform->algo, > + session->expkey, > + session->dust, > + &session->mb_mgr); > +#endif > if (ret !=3D 0) { > QAT_LOG(ERR, "failed to create AES BPI ctx"); > goto error_out; > @@ -519,10 +591,18 @@ qat_sym_session_configure_cipher(struct > rte_cryptodev *dev, > return 0; >=20 > error_out: > +#ifdef RTE_QAT_OPENSSL > if (session->bpi_ctx) { > bpi_cipher_ctx_free(session->bpi_ctx); > session->bpi_ctx =3D NULL; > } > +#else > + if (session->mb_mgr) { > + free_mb_mgr(session->mb_mgr); > + session->mb_mgr =3D NULL; > + } > + > +#endif > return ret; > } >=20 > @@ -533,8 +613,10 @@ qat_sym_session_configure(struct rte_cryptodev *dev, > { > int ret; >=20 > +#ifdef RTE_QAT_OPENSSL > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > ossl_legacy_provider_load(); > +#endif > #endif > ret =3D qat_sym_session_set_parameters(dev, xform, > CRYPTODEV_GET_SYM_SESS_PRIV(sess), > @@ -546,8 +628,10 @@ qat_sym_session_configure(struct rte_cryptodev *dev, > return ret; > } >=20 > +#ifdef RTE_QAT_OPENSSL > # if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > ossl_legacy_provider_unload(); > +# endif > # endif > return 0; > } > @@ -1209,57 +1293,91 @@ static int qat_hash_get_block_size(enum > icp_qat_hw_auth_algo qat_hash_alg) > #define HMAC_OPAD_VALUE 0x5c > #define HASH_XCBC_PRECOMP_KEY_NUM 3 >=20 > -static const uint8_t AES_CMAC_SEED[ICP_QAT_HW_AES_128_KEY_SZ]; > +#ifdef RTE_QAT_OPENSSL > +static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) > +{ > + SHA_CTX ctx; >=20 > -#ifdef RTE_QAT_LIBIPSECMB > -static int aes_ipsecmb_job(uint8_t *in, uint8_t *out, IMB_MGR *m, > - const uint8_t *key, uint16_t auth_keylen) > + if (!SHA1_Init(&ctx)) > + return -EFAULT; > + SHA1_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); > + return 0; > +} > + > +static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) > { > - int err; > - struct IMB_JOB *job; > - DECLARE_ALIGNED(uint32_t expkey[4*15], 16); > - DECLARE_ALIGNED(uint32_t dust[4*15], 16); > + SHA256_CTX ctx; >=20 > - if (auth_keylen =3D=3D ICP_QAT_HW_AES_128_KEY_SZ) > - IMB_AES_KEYEXP_128(m, key, expkey, dust); > - else if (auth_keylen =3D=3D ICP_QAT_HW_AES_192_KEY_SZ) > - IMB_AES_KEYEXP_192(m, key, expkey, dust); > - else if (auth_keylen =3D=3D ICP_QAT_HW_AES_256_KEY_SZ) > - IMB_AES_KEYEXP_256(m, key, expkey, dust); > - else > + if (!SHA224_Init(&ctx)) > return -EFAULT; > + SHA256_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); > + return 0; > +} >=20 > - job =3D IMB_GET_NEXT_JOB(m); > +static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) > +{ > + SHA256_CTX ctx; >=20 > - job->src =3D in; > - job->dst =3D out; > - job->enc_keys =3D expkey; > - job->key_len_in_bytes =3D auth_keylen; > - job->msg_len_to_cipher_in_bytes =3D 16; > - job->iv_len_in_bytes =3D 0; > - job->cipher_direction =3D IMB_DIR_ENCRYPT; > - job->cipher_mode =3D IMB_CIPHER_ECB; > - job->hash_alg =3D IMB_AUTH_NULL; > + if (!SHA256_Init(&ctx)) > + return -EFAULT; > + SHA256_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); > + return 0; > +} >=20 > - while (IMB_FLUSH_JOB(m) !=3D NULL) > - ; > +static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) > +{ > + SHA512_CTX ctx; >=20 > - job =3D IMB_SUBMIT_JOB(m); > - if (job) { > - if (job->status =3D=3D IMB_STATUS_COMPLETED) > - return 0; > - } > + if (!SHA384_Init(&ctx)) > + return -EFAULT; > + SHA512_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); > + return 0; > +} >=20 > - err =3D imb_get_errno(m); > - if (err) > - QAT_LOG(ERR, "Error: %s!\n", imb_get_strerror(err)); > +static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) > +{ > + SHA512_CTX ctx; >=20 > - return -EFAULT; > + if (!SHA512_Init(&ctx)) > + return -EFAULT; > + SHA512_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); > + return 0; > +} > + > +static int partial_hash_md5(uint8_t *data_in, uint8_t *data_out) > +{ > + MD5_CTX ctx; > + > + if (!MD5_Init(&ctx)) > + return -EFAULT; > + MD5_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, MD5_DIGEST_LENGTH); > + > + return 0; > +} > + > +static void aes_cmac_key_derive(uint8_t *base, uint8_t *derived) > +{ > + int i; > + > + derived[0] =3D base[0] << 1; > + for (i =3D 1; i < ICP_QAT_HW_AES_BLK_SZ ; i++) { > + derived[i] =3D base[i] << 1; > + derived[i - 1] |=3D base[i] >> 7; > + } > + > + if (base[0] & 0x80) > + derived[ICP_QAT_HW_AES_BLK_SZ - 1] ^=3D > QAT_AES_CMAC_CONST_RB; > } >=20 > static int > -partial_hash_compute_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg, > - uint8_t *data_in, uint8_t *data_out, IMB_MGR *m) > +partial_hash_compute(enum icp_qat_hw_auth_algo hash_alg, > + uint8_t *data_in, uint8_t *data_out) > { > int digest_size; > uint8_t digest[qat_hash_get_digest_size( > @@ -1280,37 +1398,43 @@ partial_hash_compute_ipsec_mb(enum > icp_qat_hw_auth_algo hash_alg, >=20 > switch (hash_alg) { > case ICP_QAT_HW_AUTH_ALGO_SHA1: > - IMB_SHA1_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha1(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA224: > - IMB_SHA224_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha224(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA256: > - IMB_SHA256_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha256(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA384: > - IMB_SHA384_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha384(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 3; i++, hash_state_out_be64++) > *hash_state_out_be64 =3D > rte_bswap64(*(((uint64_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA512: > - IMB_SHA512_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha512(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 3; i++, hash_state_out_be64++) > *hash_state_out_be64 =3D > rte_bswap64(*(((uint64_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_MD5: > - IMB_MD5_ONE_BLOCK(m, data_in, data_out); > + if (partial_hash_md5(data_in, data_out)) > + return -EFAULT; > break; > default: > QAT_LOG(ERR, "invalid hash alg %u", hash_alg); > @@ -1320,108 +1444,150 @@ partial_hash_compute_ipsec_mb(enum > icp_qat_hw_auth_algo hash_alg, > return 0; > } >=20 > -static int qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo > hash_alg, > +static const uint8_t AES_CMAC_SEED[ICP_QAT_HW_AES_128_KEY_SZ]; > + > +static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg, > const uint8_t *auth_key, > uint16_t auth_keylen, > uint8_t *p_state_buf, > uint16_t *p_state_len, > uint8_t aes_cmac) > { > - int block_size =3D 0; > + int block_size; > uint8_t > ipad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; > uint8_t > opad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; > - int i, ret =3D 0; > - uint8_t in[ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ]; > - > - IMB_MGR *m; > - m =3D alloc_mb_mgr(0); > - if (m =3D=3D NULL) > - return -ENOMEM; > + int i; >=20 > - init_mb_mgr_auto(m, NULL); > - memset(in, 0, ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > if (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC) { >=20 > /* CMAC */ > if (aes_cmac) { > + AES_KEY enc_key; > + uint8_t *in =3D NULL; > + uint8_t k0[ICP_QAT_HW_AES_128_KEY_SZ]; > uint8_t *k1, *k2; > + > auth_keylen =3D ICP_QAT_HW_AES_128_KEY_SZ; > - rte_memcpy(p_state_buf, auth_key, auth_keylen); >=20 > - DECLARE_ALIGNED(uint32_t expkey[4*15], 16); > - DECLARE_ALIGNED(uint32_t dust[4*15], 16); > - IMB_AES_KEYEXP_128(m, p_state_buf, expkey, dust); > - k1 =3D p_state_buf + > ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; > - k2 =3D k1 + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; > + in =3D rte_zmalloc("AES CMAC K1", > + ICP_QAT_HW_AES_128_KEY_SZ, 16); >=20 > - IMB_AES_CMAC_SUBKEY_GEN_128(m, expkey, k1, k2); > - *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > - goto out; > - } > + if (in =3D=3D NULL) { > + QAT_LOG(ERR, "Failed to alloc memory"); > + return -ENOMEM; > + } >=20 > - static uint8_t qat_aes_xcbc_key_seed[ > - ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] =3D { > - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > - }; > + rte_memcpy(in, AES_CMAC_SEED, > + ICP_QAT_HW_AES_128_KEY_SZ); > + rte_memcpy(p_state_buf, auth_key, auth_keylen); >=20 > - uint8_t *input =3D in; > - uint8_t *out =3D p_state_buf; > - rte_memcpy(input, qat_aes_xcbc_key_seed, > - ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > - for (i =3D 0; i < HASH_XCBC_PRECOMP_KEY_NUM; i++) { > - if (aes_ipsecmb_job(input, out, m, auth_key, > auth_keylen)) { > - memset(input - > - (i * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ), > - 0, > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > - ret =3D -EFAULT; > - goto out; > + if (AES_set_encrypt_key(auth_key, auth_keylen << 3, > + &enc_key) !=3D 0) { > + rte_free(in); > + return -EFAULT; > } >=20 > - input +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > - out +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > - } > - *p_state_len =3D ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > - goto out; > + AES_encrypt(in, k0, &enc_key); >=20 > - } else if ((hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_128) || > - (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) { > - uint8_t *out =3D p_state_buf; > + k1 =3D p_state_buf + > ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; > + k2 =3D k1 + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; >=20 > - memset(p_state_buf, 0, ICP_QAT_HW_GALOIS_H_SZ + > - ICP_QAT_HW_GALOIS_LEN_A_SZ + > - ICP_QAT_HW_GALOIS_E_CTR0_SZ); > - if (aes_ipsecmb_job(in, out, m, auth_key, auth_keylen)) { > - ret =3D -EFAULT; > - goto out; > - } > + aes_cmac_key_derive(k0, k1); > + aes_cmac_key_derive(k1, k2); >=20 > - *p_state_len =3D ICP_QAT_HW_GALOIS_H_SZ + > + memset(k0, 0, ICP_QAT_HW_AES_128_KEY_SZ); > + *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > + rte_free(in); > + goto out; > + } else { > + static uint8_t qat_aes_xcbc_key_seed[ > + > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] =3D { > + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > + 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > + 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > + 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > + 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > + }; > + > + uint8_t *in =3D NULL; > + uint8_t *out =3D p_state_buf; > + int x; > + AES_KEY enc_key; > + > + in =3D rte_zmalloc("working mem for key", > + > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ, 16); > + if (in =3D=3D NULL) { > + QAT_LOG(ERR, "Failed to alloc memory"); > + return -ENOMEM; > + } > + > + rte_memcpy(in, qat_aes_xcbc_key_seed, > + > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > + for (x =3D 0; x < HASH_XCBC_PRECOMP_KEY_NUM; x++) { > + if (AES_set_encrypt_key(auth_key, > + auth_keylen << 3, > + &enc_key) !=3D 0) { > + rte_free(in - > + (x * > ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ)); > + memset(out - > + (x * > ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ), > + 0, > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > + return -EFAULT; > + } > + AES_encrypt(in, out, &enc_key); > + in +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > + out +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > + } > + *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > + rte_free(in - x*ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ); > + goto out; > + } > + > + } else if ((hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_128) || > + (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) { > + uint8_t *in =3D NULL; > + uint8_t *out =3D p_state_buf; > + AES_KEY enc_key; > + > + memset(p_state_buf, 0, ICP_QAT_HW_GALOIS_H_SZ + > + ICP_QAT_HW_GALOIS_LEN_A_SZ + > + ICP_QAT_HW_GALOIS_E_CTR0_SZ); > + in =3D rte_zmalloc("working mem for key", > + ICP_QAT_HW_GALOIS_H_SZ, 16); > + if (in =3D=3D NULL) { > + QAT_LOG(ERR, "Failed to alloc memory"); > + return -ENOMEM; > + } > + > + memset(in, 0, ICP_QAT_HW_GALOIS_H_SZ); > + if (AES_set_encrypt_key(auth_key, auth_keylen << 3, > + &enc_key) !=3D 0) { > + return -EFAULT; > + } > + AES_encrypt(in, out, &enc_key); > + *p_state_len =3D ICP_QAT_HW_GALOIS_H_SZ + > ICP_QAT_HW_GALOIS_LEN_A_SZ + > ICP_QAT_HW_GALOIS_E_CTR0_SZ; > - goto out; > + rte_free(in); > + return 0; > } >=20 > block_size =3D qat_hash_get_block_size(hash_alg); > - if (block_size < 0) { > - free_mb_mgr(m); > + if (block_size < 0) > return block_size; > - } > + /* init ipad and opad from key and xor with fixed values */ > + memset(ipad, 0, block_size); > + memset(opad, 0, block_size); >=20 > if (auth_keylen > (unsigned int)block_size) { > QAT_LOG(ERR, "invalid keylen %u", auth_keylen); > - ret =3D -EFAULT; > - goto out; > + return -EFAULT; > } > - /* init ipad and opad from key and xor with fixed values */ > - memset(ipad, 0, block_size); > - memset(opad, 0, block_size); > + > RTE_VERIFY(auth_keylen <=3D sizeof(ipad)); > RTE_VERIFY(auth_keylen <=3D sizeof(opad)); > + > rte_memcpy(ipad, auth_key, auth_keylen); > rte_memcpy(opad, auth_key, auth_keylen); >=20 > @@ -1433,10 +1599,11 @@ static int > qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg, > } >=20 > /* do partial hash of ipad and copy to state1 */ > - if (partial_hash_compute_ipsec_mb(hash_alg, ipad, p_state_buf, m)) { > + if (partial_hash_compute(hash_alg, ipad, p_state_buf)) { > + memset(ipad, 0, block_size); > + memset(opad, 0, block_size); > QAT_LOG(ERR, "ipad precompute failed"); > - ret =3D -EFAULT; > - goto out; > + return -EFAULT; > } >=20 > /* > @@ -1444,105 +1611,70 @@ static int > qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg, > * Put the partial hash of opad state_len bytes after state1 > */ > *p_state_len =3D qat_hash_get_state1_size(hash_alg); > - if (partial_hash_compute_ipsec_mb(hash_alg, opad, > - p_state_buf + *p_state_len, m)) { > + if (partial_hash_compute(hash_alg, opad, p_state_buf + *p_state_len)) { > + memset(ipad, 0, block_size); > + memset(opad, 0, block_size); > QAT_LOG(ERR, "opad precompute failed"); > - ret =3D -EFAULT; > - goto out; > + return -EFAULT; > } >=20 > -out: > /* don't leave data lying around */ > memset(ipad, 0, block_size); > memset(opad, 0, block_size); > - free_mb_mgr(m); > - return ret; > -} > -#endif > -static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) > -{ > - SHA_CTX ctx; > - > - if (!SHA1_Init(&ctx)) > - return -EFAULT; > - SHA1_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); > - return 0; > -} > - > -static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) > -{ > - SHA256_CTX ctx; > - > - if (!SHA224_Init(&ctx)) > - return -EFAULT; > - SHA256_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); > - return 0; > -} > - > -static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) > -{ > - SHA256_CTX ctx; > - > - if (!SHA256_Init(&ctx)) > - return -EFAULT; > - SHA256_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); > +out: > return 0; > } >=20 > -static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) > -{ > - SHA512_CTX ctx; > - > - if (!SHA384_Init(&ctx)) > - return -EFAULT; > - SHA512_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); > - return 0; > -} > +#else >=20 > -static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) > +static int aes_ipsecmb_job(uint8_t *in, uint8_t *out, IMB_MGR *m, > + const uint8_t *key, uint16_t auth_keylen) > { > - SHA512_CTX ctx; > + int err; > + struct IMB_JOB *job; > + DECLARE_ALIGNED(uint32_t expkey[4*15], 16); > + DECLARE_ALIGNED(uint32_t dust[4*15], 16); >=20 > - if (!SHA512_Init(&ctx)) > + if (auth_keylen =3D=3D ICP_QAT_HW_AES_128_KEY_SZ) > + IMB_AES_KEYEXP_128(m, key, expkey, dust); > + else if (auth_keylen =3D=3D ICP_QAT_HW_AES_192_KEY_SZ) > + IMB_AES_KEYEXP_192(m, key, expkey, dust); > + else if (auth_keylen =3D=3D ICP_QAT_HW_AES_256_KEY_SZ) > + IMB_AES_KEYEXP_256(m, key, expkey, dust); > + else > return -EFAULT; > - SHA512_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); > - return 0; > -} >=20 > -static int partial_hash_md5(uint8_t *data_in, uint8_t *data_out) > -{ > - MD5_CTX ctx; > - > - if (!MD5_Init(&ctx)) > - return -EFAULT; > - MD5_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, MD5_DIGEST_LENGTH); > + job =3D IMB_GET_NEXT_JOB(m); >=20 > - return 0; > -} > + job->src =3D in; > + job->dst =3D out; > + job->enc_keys =3D expkey; > + job->key_len_in_bytes =3D auth_keylen; > + job->msg_len_to_cipher_in_bytes =3D 16; > + job->iv_len_in_bytes =3D 0; > + job->cipher_direction =3D IMB_DIR_ENCRYPT; > + job->cipher_mode =3D IMB_CIPHER_ECB; > + job->hash_alg =3D IMB_AUTH_NULL; >=20 > -static void aes_cmac_key_derive(uint8_t *base, uint8_t *derived) > -{ > - int i; > + while (IMB_FLUSH_JOB(m) !=3D NULL) > + ; >=20 > - derived[0] =3D base[0] << 1; > - for (i =3D 1; i < ICP_QAT_HW_AES_BLK_SZ ; i++) { > - derived[i] =3D base[i] << 1; > - derived[i - 1] |=3D base[i] >> 7; > + job =3D IMB_SUBMIT_JOB(m); > + if (job) { > + if (job->status =3D=3D IMB_STATUS_COMPLETED) > + return 0; > } >=20 > - if (base[0] & 0x80) > - derived[ICP_QAT_HW_AES_BLK_SZ - 1] ^=3D > QAT_AES_CMAC_CONST_RB; > + err =3D imb_get_errno(m); > + if (err) > + QAT_LOG(ERR, "Error: %s!\n", imb_get_strerror(err)); > + > + return -EFAULT; > } >=20 > static int > -partial_hash_compute(enum icp_qat_hw_auth_algo hash_alg, > - uint8_t *data_in, uint8_t *data_out) > +partial_hash_compute_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg, > + uint8_t *data_in, uint8_t *data_out, IMB_MGR *m) > { > int digest_size; > uint8_t digest[qat_hash_get_digest_size( > @@ -1563,43 +1695,37 @@ partial_hash_compute(enum > icp_qat_hw_auth_algo hash_alg, >=20 > switch (hash_alg) { > case ICP_QAT_HW_AUTH_ALGO_SHA1: > - if (partial_hash_sha1(data_in, digest)) > - return -EFAULT; > + IMB_SHA1_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA224: > - if (partial_hash_sha224(data_in, digest)) > - return -EFAULT; > + IMB_SHA224_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA256: > - if (partial_hash_sha256(data_in, digest)) > - return -EFAULT; > + IMB_SHA256_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA384: > - if (partial_hash_sha384(data_in, digest)) > - return -EFAULT; > + IMB_SHA384_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 3; i++, hash_state_out_be64++) > *hash_state_out_be64 =3D > rte_bswap64(*(((uint64_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA512: > - if (partial_hash_sha512(data_in, digest)) > - return -EFAULT; > + IMB_SHA512_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 3; i++, hash_state_out_be64++) > *hash_state_out_be64 =3D > rte_bswap64(*(((uint64_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_MD5: > - if (partial_hash_md5(data_in, data_out)) > - return -EFAULT; > + IMB_MD5_ONE_BLOCK(m, data_in, data_out); > break; > default: > QAT_LOG(ERR, "invalid hash alg %u", hash_alg); > @@ -1609,148 +1735,108 @@ partial_hash_compute(enum > icp_qat_hw_auth_algo hash_alg, > return 0; > } >=20 > -static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg, > +static int qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo > hash_alg, > const uint8_t *auth_key, > uint16_t auth_keylen, > uint8_t *p_state_buf, > uint16_t *p_state_len, > uint8_t aes_cmac) > { > - int block_size; > + int block_size =3D 0; > uint8_t > ipad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; > uint8_t > opad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; > - int i; > + int i, ret =3D 0; > + uint8_t in[ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ]; > + > + IMB_MGR *m; > + m =3D alloc_mb_mgr(0); > + if (m =3D=3D NULL) > + return -ENOMEM; >=20 > + init_mb_mgr_auto(m, NULL); > + memset(in, 0, ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > if (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC) { >=20 > /* CMAC */ > if (aes_cmac) { > - AES_KEY enc_key; > - uint8_t *in =3D NULL; > - uint8_t k0[ICP_QAT_HW_AES_128_KEY_SZ]; > uint8_t *k1, *k2; > - > auth_keylen =3D ICP_QAT_HW_AES_128_KEY_SZ; > - > - in =3D rte_zmalloc("AES CMAC K1", > - ICP_QAT_HW_AES_128_KEY_SZ, 16); > - > - if (in =3D=3D NULL) { > - QAT_LOG(ERR, "Failed to alloc memory"); > - return -ENOMEM; > - } > - > - rte_memcpy(in, AES_CMAC_SEED, > - ICP_QAT_HW_AES_128_KEY_SZ); > rte_memcpy(p_state_buf, auth_key, auth_keylen); >=20 > - if (AES_set_encrypt_key(auth_key, auth_keylen << 3, > - &enc_key) !=3D 0) { > - rte_free(in); > - return -EFAULT; > - } > - > - AES_encrypt(in, k0, &enc_key); > - > + DECLARE_ALIGNED(uint32_t expkey[4*15], 16); > + DECLARE_ALIGNED(uint32_t dust[4*15], 16); > + IMB_AES_KEYEXP_128(m, p_state_buf, expkey, dust); > k1 =3D p_state_buf + > ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; > k2 =3D k1 + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; >=20 > - aes_cmac_key_derive(k0, k1); > - aes_cmac_key_derive(k1, k2); > - > - memset(k0, 0, ICP_QAT_HW_AES_128_KEY_SZ); > + IMB_AES_CMAC_SUBKEY_GEN_128(m, expkey, k1, k2); > *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > - rte_free(in); > - return 0; > - } else { > - static uint8_t qat_aes_xcbc_key_seed[ > - > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] =3D { > - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > - }; > + goto out; > + } >=20 > - uint8_t *in =3D NULL; > - uint8_t *out =3D p_state_buf; > - int x; > - AES_KEY enc_key; > + static uint8_t qat_aes_xcbc_key_seed[ > + ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] =3D { > + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > + 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > + 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > + 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > + 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > + }; >=20 > - in =3D rte_zmalloc("working mem for key", > - > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ, 16); > - if (in =3D=3D NULL) { > - QAT_LOG(ERR, "Failed to alloc memory"); > - return -ENOMEM; > + uint8_t *input =3D in; > + uint8_t *out =3D p_state_buf; > + rte_memcpy(input, qat_aes_xcbc_key_seed, > + ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > + for (i =3D 0; i < HASH_XCBC_PRECOMP_KEY_NUM; i++) { > + if (aes_ipsecmb_job(input, out, m, auth_key, > auth_keylen)) { > + memset(input - > + (i * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ), > + 0, > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > + ret =3D -EFAULT; > + goto out; > } >=20 > - rte_memcpy(in, qat_aes_xcbc_key_seed, > - > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > - for (x =3D 0; x < HASH_XCBC_PRECOMP_KEY_NUM; x++) { > - if (AES_set_encrypt_key(auth_key, > - auth_keylen << 3, > - &enc_key) !=3D 0) { > - rte_free(in - > - (x * > ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ)); > - memset(out - > - (x * > ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ), > - 0, > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > - return -EFAULT; > - } > - AES_encrypt(in, out, &enc_key); > - in +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > - out +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > - } > - *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > - rte_free(in - x*ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ); > - return 0; > + input +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > + out +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > } > + *p_state_len =3D ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > + goto out; >=20 > } else if ((hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_128) || > (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) { > - uint8_t *in =3D NULL; > uint8_t *out =3D p_state_buf; > - AES_KEY enc_key; >=20 > memset(p_state_buf, 0, ICP_QAT_HW_GALOIS_H_SZ + > ICP_QAT_HW_GALOIS_LEN_A_SZ + > ICP_QAT_HW_GALOIS_E_CTR0_SZ); > - in =3D rte_zmalloc("working mem for key", > - ICP_QAT_HW_GALOIS_H_SZ, 16); > - if (in =3D=3D NULL) { > - QAT_LOG(ERR, "Failed to alloc memory"); > - return -ENOMEM; > + if (aes_ipsecmb_job(in, out, m, auth_key, auth_keylen)) { > + ret =3D -EFAULT; > + goto out; > } >=20 > - memset(in, 0, ICP_QAT_HW_GALOIS_H_SZ); > - if (AES_set_encrypt_key(auth_key, auth_keylen << 3, > - &enc_key) !=3D 0) { > - return -EFAULT; > - } > - AES_encrypt(in, out, &enc_key); > *p_state_len =3D ICP_QAT_HW_GALOIS_H_SZ + > ICP_QAT_HW_GALOIS_LEN_A_SZ + > ICP_QAT_HW_GALOIS_E_CTR0_SZ; > - rte_free(in); > - return 0; > + goto out; > } >=20 > block_size =3D qat_hash_get_block_size(hash_alg); > - if (block_size < 0) > + if (block_size < 0) { > + free_mb_mgr(m); > return block_size; > - /* init ipad and opad from key and xor with fixed values */ > - memset(ipad, 0, block_size); > - memset(opad, 0, block_size); > + } >=20 > if (auth_keylen > (unsigned int)block_size) { > QAT_LOG(ERR, "invalid keylen %u", auth_keylen); > - return -EFAULT; > + ret =3D -EFAULT; > + goto out; > } > - > + /* init ipad and opad from key and xor with fixed values */ > + memset(ipad, 0, block_size); > + memset(opad, 0, block_size); > RTE_VERIFY(auth_keylen <=3D sizeof(ipad)); > RTE_VERIFY(auth_keylen <=3D sizeof(opad)); > - > rte_memcpy(ipad, auth_key, auth_keylen); > rte_memcpy(opad, auth_key, auth_keylen); >=20 > @@ -1762,11 +1848,10 @@ static int qat_sym_do_precomputes(enum > icp_qat_hw_auth_algo hash_alg, > } >=20 > /* do partial hash of ipad and copy to state1 */ > - if (partial_hash_compute(hash_alg, ipad, p_state_buf)) { > - memset(ipad, 0, block_size); > - memset(opad, 0, block_size); > + if (partial_hash_compute_ipsec_mb(hash_alg, ipad, p_state_buf, m)) { > QAT_LOG(ERR, "ipad precompute failed"); > - return -EFAULT; > + ret =3D -EFAULT; > + goto out; > } >=20 > /* > @@ -1774,18 +1859,21 @@ static int qat_sym_do_precomputes(enum > icp_qat_hw_auth_algo hash_alg, > * Put the partial hash of opad state_len bytes after state1 > */ > *p_state_len =3D qat_hash_get_state1_size(hash_alg); > - if (partial_hash_compute(hash_alg, opad, p_state_buf + *p_state_len)) { > - memset(ipad, 0, block_size); > - memset(opad, 0, block_size); > + if (partial_hash_compute_ipsec_mb(hash_alg, opad, > + p_state_buf + *p_state_len, m)) { > QAT_LOG(ERR, "opad precompute failed"); > - return -EFAULT; > + ret =3D -EFAULT; > + goto out; > } >=20 > +out: > /* don't leave data lying around */ > memset(ipad, 0, block_size); > memset(opad, 0, block_size); > - return 0; > + free_mb_mgr(m); > + return ret; > } > +#endif >=20 > static void > qat_sym_session_init_common_hdr(struct qat_sym_session *session) > @@ -2180,20 +2268,16 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-1 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA1, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > + > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA1, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } >=20 > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > @@ -2211,21 +2295,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-224 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA224, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA224, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > return -EFAULT; > @@ -2242,21 +2320,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-256 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA256, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA256, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > return -EFAULT; > @@ -2273,21 +2345,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-384 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA384, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA384, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > return -EFAULT; > @@ -2304,21 +2370,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-512 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA512, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA512, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > return -EFAULT; > @@ -2354,22 +2414,16 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, >=20 > if (cdesc->aes_cmac) > memset(cdesc->cd_cur_ptr, 0, state1_size); > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D qat_sym_do_precomputes_ipsec_mb( > - ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC, > - authkey, authkeylen, cdesc->cd_cur_ptr + > state1_size, > - &state2_size, cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC, > + authkey, authkeylen, cdesc->cd_cur_ptr + state1_size, > + &state2_size, cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D qat_sym_do_precomputes_ipsec_mb( > + ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC, > + authkey, authkeylen, cdesc->cd_cur_ptr + state1_size, > + &state2_size, cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC, > - authkey, authkeylen, cdesc->cd_cur_ptr + > state1_size, > - &state2_size, cdesc->aes_cmac); > - } > - > if (ret) { > cdesc->aes_cmac ? QAT_LOG(ERR, > "(CMAC)precompute failed") > @@ -2382,21 +2436,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > case ICP_QAT_HW_AUTH_ALGO_GALOIS_64: > cdesc->qat_proto_flag =3D QAT_CRYPTO_PROTO_FLAG_GCM; > state1_size =3D ICP_QAT_HW_GALOIS_128_STATE1_SZ; > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D qat_sym_do_precomputes_ipsec_mb(cdesc- > >qat_hash_alg, authkey, > - authkeylen, cdesc->cd_cur_ptr + state1_size, > - &state2_size, cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D qat_sym_do_precomputes(cdesc->qat_hash_alg, authkey, > + authkeylen, cdesc->cd_cur_ptr + state1_size, > + &state2_size, cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D qat_sym_do_precomputes_ipsec_mb(cdesc- > >qat_hash_alg, authkey, > + authkeylen, cdesc->cd_cur_ptr + state1_size, > + &state2_size, cdesc->aes_cmac); > #endif > - } else { > - ret =3D qat_sym_do_precomputes(cdesc->qat_hash_alg, > authkey, > - authkeylen, cdesc->cd_cur_ptr + state1_size, > - &state2_size, cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(GCM)precompute failed"); > return -EFAULT; > @@ -2453,21 +2501,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, >=20 > break; > case ICP_QAT_HW_AUTH_ALGO_MD5: > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_MD5, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_MD5, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_MD5, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_MD5, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(MD5)precompute failed"); > return -EFAULT; > @@ -2902,9 +2944,11 @@ qat_security_session_create(void *dev, > return -EINVAL; > } >=20 > +#ifdef RTE_QAT_OPENSSL > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > if (ossl_legacy_provider_load()) > return -EINVAL; > +#endif > #endif > ret =3D qat_sec_session_set_docsis_parameters(cdev, conf, > sess_private_data, > SECURITY_GET_SESS_PRIV_IOVA(sess)); > @@ -2913,8 +2957,10 @@ qat_security_session_create(void *dev, > return ret; > } >=20 > +#ifdef RTE_QAT_OPENSSL > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > ossl_legacy_provider_unload(); > +#endif > #endif > return 0; > } > @@ -2927,8 +2973,13 @@ qat_security_session_destroy(void *dev > __rte_unused, > struct qat_sym_session *s =3D (struct qat_sym_session *)sess_priv; >=20 > if (sess_priv) { > +#ifdef RTE_QAT_OPENSSL > if (s->bpi_ctx) > bpi_cipher_ctx_free(s->bpi_ctx); > +#else > + if (s->mb_mgr) > + free_mb_mgr(s->mb_mgr); > +#endif > memset(s, 0, qat_sym_session_get_private_size(dev)); > } >=20 > diff --git a/drivers/crypto/qat/qat_sym_session.h > b/drivers/crypto/qat/qat_sym_session.h > index 9b5d11ac88..ee916b2814 100644 > --- a/drivers/crypto/qat/qat_sym_session.h > +++ b/drivers/crypto/qat/qat_sym_session.h > @@ -15,6 +15,14 @@ > #include "icp_qat_fw.h" > #include "icp_qat_fw_la.h" >=20 > +#ifndef RTE_QAT_OPENSSL > +#if defined(RTE_ARCH_ARM) > +#include > +#else > +#include > +#endif > +#endif > + > /* > * Key Modifier (KM) value used in KASUMI algorithm in F9 mode to XOR > * Integrity Key (IK) > @@ -129,6 +137,12 @@ struct qat_sym_session { > uint32_t slice_types; > enum qat_sym_proto_flag qat_proto_flag; > qat_sym_build_request_t build_request[2]; > +#ifndef RTE_QAT_OPENSSL > + IMB_MGR *mb_mgr; > +#endif > + uint64_t expkey[4*15]; > + uint32_t dust[4*15]; > + uint8_t docsis_key_len; > }; >=20 > int > -- > 2.25.1