From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5746A42B95; Thu, 25 May 2023 09:28:18 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 3CB5240DDB; Thu, 25 May 2023 09:28:18 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 753FB40A82 for ; Thu, 25 May 2023 09:28:16 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 34P3eMwr032380; Thu, 25 May 2023 00:28:15 -0700 Received: from nam12-bn8-obe.outbound.protection.outlook.com (mail-bn8nam12lp2171.outbound.protection.outlook.com [104.47.55.171]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3qsspt1w3b-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 25 May 2023 00:28:15 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SrsqNZiJQ/vYGoCYLEbZzprePF4JxYr/oykJ/vzOgilchQWF4tHOcMX7b0jJ+uu+Dyc+M7NP5Ardrsb/GvW6VJCkJRhS0OndzSzzQmkQEwCKQo5ePYxocJirrAH21ltCB17oV/Ur4NRSAguyHh4/3FegYSjDiY7aL5L3tF7q1H48s49lirmxoYyPHhhYaGgjI+21OfiEmvUyihAirwEfBCFgmm5qHSn2JgCxaGycY3k8u67Hf6eFWhfjoh8+8M1SQsbDxsjz7eMXS8ufB1j860H9CTI0abwDS+GiCrK2BfUZUzrv0xM6jM+SyQ98cYAj7xO9PfwHMubM/wNHxNYHzg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jKXMV/5YL8nl+uVTYtI4Dx2mkVJ+Odj7C2oLwvwQPNM=; b=Oe4CxqKuPQKe5czBpjO6N8Hn2NNINAmxdVw0iem2kwzJl47WQitkljI6dlbaFDUpbcu6AzWbmocyQUXA5Qdrh4YPu/twGIquWWumcIHcmLA0tA95t6/s4AoKAz6g9uRzQH+EiiBAjkp16MztrWB3YxKNbWhiXIV7FpwcC1ZnNTbiiS+Eqrc20j3GWYckTzfrPJfnYkBRKh2cBoSRhBLYdbBAnnPEnF3sF3RoMNZ/A9bbpqq6R1Qa8/1OgnK0cMVIu2B89xVDOC7zqEJH8IeFKh6vNZLHrcd1q0++EFCXuLgmqJuNT6jNXD2C98ZUlagyh25YdcH7rJAbAlvXkN2FkQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jKXMV/5YL8nl+uVTYtI4Dx2mkVJ+Odj7C2oLwvwQPNM=; b=IdYPNA6Cdx6MEVqipVL4UKBCAQB9RFGldqnbdlfQ7pXTGseDIxMNQU2awMxClxBj+ruKSAHUo/+UBIyuVs2BCXM/BH4rcMqAA3QWp2wWA/Osc/dX38VgjhQ9QRDTrGC67DYMqvSQ66PfIoEmAOof3KHxaJ7WpnmizZhiVPQX134= Received: from CO6PR18MB4484.namprd18.prod.outlook.com (2603:10b6:5:359::9) by LV3PR18MB5591.namprd18.prod.outlook.com (2603:10b6:408:198::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6411.29; Thu, 25 May 2023 07:28:11 +0000 Received: from CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::831b:85d2:9a45:8489]) by CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::831b:85d2:9a45:8489%6]) with mapi id 15.20.6433.013; Thu, 25 May 2023 07:28:11 +0000 From: Akhil Goyal To: Brian Dooley , Kai Ji CC: "dev@dpdk.org" Subject: RE: [EXT] [PATCH v3] crypto/qat: default to IPsec MB for pre and post computes Thread-Topic: [EXT] [PATCH v3] crypto/qat: default to IPsec MB for pre and post computes Thread-Index: AQHZjLtVJWhVYsLDCUG4Q5bIz+QbNq9qmxLg Date: Thu, 25 May 2023 07:28:11 +0000 Message-ID: References: <20230519105055.529658-1-brian.dooley@intel.com> <20230522143959.719233-1-brian.dooley@intel.com> In-Reply-To: <20230522143959.719233-1-brian.dooley@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-dg-rorf: true x-dg-ref: =?us-ascii?Q?PG1ldGE+PGF0IG5tPSJib2R5LnR4dCIgcD0iYzpcdXNlcnNcZ2FraGlsXGFw?= =?us-ascii?Q?cGRhdGFccm9hbWluZ1wwOWQ4NDliNi0zMmQzLTRhNDAtODVlZS02Yjg0YmEy?= =?us-ascii?Q?OWUzNWJcbXNnc1xtc2ctYjE0MzhiNTUtZmFjZC0xMWVkLWEwOTMtOTRlNmY3?= =?us-ascii?Q?NjYxOTA3XGFtZS10ZXN0XGIxNDM4YjU3LWZhY2QtMTFlZC1hMDkzLTk0ZTZm?= =?us-ascii?Q?NzY2MTkwN2JvZHkudHh0IiBzej0iNTU4NjQiIHQ9IjEzMzI5NDczMjg3Nzg1?= =?us-ascii?Q?OTI4MiIgaD0iSTJoWisxZjg2Q0hERkFsMERDREZiTXJlaDRnPSIgaWQ9IiIg?= =?us-ascii?Q?Ymw9IjAiIGJvPSIxIiBjaT0iY0FBQUFFUkhVMVJTUlVGTkNnVUFBR0lXQUFE?= =?us-ascii?Q?U2laMXoybzdaQVI3YWNCSDhmV1dPSHRwd0VmeDlaWTRaQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUhBQUFBQnVEd0FBM2c4QUFJUUdBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUVBQVFFQkFBQUFJN3FUcEFDQUFRQUFBQUFBQUFBQUFKNEFBQUJoQUdRQVpB?= =?us-ascii?Q?QnlBR1VBY3dCekFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?RUFBQUFBQUFBQUFnQUFBQUFBbmdBQUFHTUFkUUJ6QUhRQWJ3QnRBRjhBY0FC?= =?us-ascii?Q?bEFISUFjd0J2QUc0QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBUUFBQUFBQUFBQUFBQUFBQVFBQUFBQUFBQUFDQUFB?= =?us-ascii?Q?QUFBQ2VBQUFBWXdCMUFITUFkQUJ2QUcwQVh3QndBR2dBYndCdUFHVUFiZ0Ix?= =?us-ascii?Q?QUcwQVlnQmxBSElBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUJBQUFBQUFBQUFBSUFBQUFBQUo0QUFBQmpBSFVB?= =?us-ascii?Q?Y3dCMEFHOEFiUUJmQUhNQWN3QnVBRjhBWkFCaEFITUFhQUJmQUhZQU1BQXlB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= x-dg-refone: =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBQUFBQUFBQWdBQUFBQUFuZ0FBQUdN?= =?us-ascii?Q?QWRRQnpBSFFBYndCdEFGOEFjd0J6QUc0QVh3QnJBR1VBZVFCM0FHOEFjZ0Jr?= =?us-ascii?Q?QUhNQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBUUFBQUFBQUFBQUNBQUFBQUFDZUFBQUFZd0IxQUhNQWRBQnZBRzBB?= =?us-ascii?Q?WHdCekFITUFiZ0JmQUc0QWJ3QmtBR1VBYkFCcEFHMEFhUUIwQUdVQWNnQmZB?= =?us-ascii?Q?SFlBTUFBeUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQkFBQUFBQUFB?= =?us-ascii?Q?QUFJQUFBQUFBSjRBQUFCakFIVUFjd0IwQUc4QWJRQmZBSE1BY3dCdUFGOEFj?= =?us-ascii?Q?d0J3QUdFQVl3QmxBRjhBZGdBd0FESUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUVBQUFBQUFBQUFBZ0FBQUFBQW5nQUFB?= =?us-ascii?Q?R1FBYkFCd0FGOEFjd0JyQUhrQWNBQmxBRjhBWXdCb0FHRUFkQUJmQUcwQVpR?= =?us-ascii?Q?QnpBSE1BWVFCbkFHVUFYd0IyQURBQU1nQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFRQUFBQUFBQUFBQ0FBQUFBQUNlQUFBQVpBQnNBSEFBWHdCekFH?= =?us-ascii?Q?d0FZUUJqQUdzQVh3QmpBR2dBWVFCMEFGOEFiUUJsQUhNQWN3QmhBR2NBWlFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= x-dg-reftwo: =?us-ascii?Q?QUFBQUFBQUFBQUFCQUFBQUFBQUFBQUlBQUFBQUFKNEFBQUJrQUd3QWNBQmZB?= =?us-ascii?Q?SFFBWlFCaEFHMEFjd0JmQUc4QWJnQmxBR1FBY2dCcEFIWUFaUUJmQUdZQWFR?= =?us-ascii?Q?QnNBR1VBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBRUFB?= =?us-ascii?Q?QUFBQUFBQUFnQUFBQUFBbmdBQUFHVUFiUUJoQUdrQWJBQmZBR0VBWkFCa0FI?= =?us-ascii?Q?SUFaUUJ6QUhNQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBUUFBQUFBQUFBQUFBQUFBQVFBQUFBQUFBQUFDQUFBQUFB?= =?us-ascii?Q?Q2VBQUFBYlFCaEFISUFkZ0JsQUd3QVh3QndBSElBYndCcUFHVUFZd0IwQUY4?= =?us-ascii?Q?QWJnQmhBRzBBWlFCekFGOEFZd0J2QUc0QVpnQnBBR1FBWlFCdUFIUUFhUUJo?= =?us-ascii?Q?QUd3QVh3QmhBR3dBYndCdUFHVUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUJBQUFBQUFBQUFBSUFBQUFBQUo0QUFBQnRBR0VBY2dC?= =?us-ascii?Q?MkFHVUFiQUJmQUhBQWNnQnZBR29BWlFCakFIUUFYd0J1QUdFQWJRQmxBSE1B?= =?us-ascii?Q?WHdCeUFHVUFjd0IwQUhJQWFRQmpBSFFBWlFCa0FGOEFZUUJzQUc4QWJnQmxB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFF?= =?us-ascii?Q?QUFBQUFBQUFBQWdBQUFBQUFuZ0FBQUcwQVlRQnlBSFlBWlFCc0FGOEFjQUJ5?= =?us-ascii?Q?QUc4QWFnQmxBR01BZEFCZkFHNEFZUUJ0QUdVQWN3QmZBSElBWlFCekFIUUFj?= =?us-ascii?Q?Z0JwQUdNQWRBQmxBR1FBWHdCb0FHVUFlQUJqQUc4QVpBQmxBSE1BQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBUUFBQUFBQUFBQUNBQUFB?= =?us-ascii?Q?QUFDZUFBQUFiUUJoQUhJQWRnQmxBR3dBYkFCZkFHRUFjZ0J0QUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= x-dg-refthree: =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQkFBQUFBQUFBQUFJ?= =?us-ascii?Q?QUFBQUFBSjRBQUFCdEFHRUFjZ0IyQUdVQWJBQnNBRjhBWndCdkFHOEFad0Jz?= =?us-ascii?Q?QUdVQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUVBQUFBQUFBQUFBZ0FBQUFBQW5nQUFBRzBB?= =?us-ascii?Q?WVFCeUFIWUFaUUJzQUd3QVh3QndBSElBYndCcUFHVUFZd0IwQUY4QVl3QnZB?= =?us-ascii?Q?R1FBWlFCekFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFRQUFBQUFBQUFBQ0FBQUFBQUNlQUFBQWJRQmhBSElBZGdCbEFHd0Fi?= =?us-ascii?Q?QUJmQUhBQWNnQnZBR29BWlFCakFIUUFYd0JqQUc4QVpBQmxBSE1BWHdCa0FH?= =?us-ascii?Q?a0FZd0IwQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFCQUFBQUFBQUFB?= =?us-ascii?Q?QUlBQUFBQUFKNEFBQUJ0QUdFQWNnQjJBR1VBYkFCc0FGOEFjQUJ5QUc4QWFn?= =?us-ascii?Q?QmxBR01BZEFCZkFHNEFZUUJ0QUdVQWN3QmZBR01BYndCdUFHWUFhUUJrQUdV?= =?us-ascii?Q?QWJnQjBBR2tBWVFCc0FGOEFiUUJoQUhJQWRnQmxBR3dBYkFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBRUFBQUFBQUFBQUFnQUFBQUFBbmdBQUFH?= =?us-ascii?Q?MEFZUUJ5QUhZQVpRQnNBR3dBWHdCd0FISUFid0JxQUdVQVl3QjBBRjhBYmdC?= =?us-ascii?Q?aEFHMEFaUUJ6QUY4QVl3QnZBRzRBWmdCcEFHUUFaUUJ1QUhRQWFRQmhBR3dB?= =?us-ascii?Q?WHdCdEFHRUFjZ0IyQUdVQWJBQnNBRjhBYndCeUFGOEFZUUJ5QUcwQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= x-dg-reffour: =?us-ascii?Q?QUFBQUFBQUFBUUFBQUFBQUFBQUFBQUFBQVFBQUFBQUFBQUFDQUFBQUFBQ2VB?= =?us-ascii?Q?QUFBYlFCaEFISUFkZ0JsQUd3QWJBQmZBSEFBY2dCdkFHb0FaUUJqQUhRQVh3?= =?us-ascii?Q?QnVBR0VBYlFCbEFITUFYd0JqQUc4QWJnQm1BR2tBWkFCbEFHNEFkQUJwQUdF?= =?us-ascii?Q?QWJBQmZBRzBBWVFCeUFIWUFaUUJzQUd3QVh3QnZBSElBWHdCbkFHOEFid0Ju?= =?us-ascii?Q?QUd3QVpRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUJBQUFBQUFBQUFBSUFBQUFBQUo0QUFBQnRBR0VBY2dCMkFH?= =?us-ascii?Q?VUFiQUJzQUY4QWNBQnlBRzhBYWdCbEFHTUFkQUJmQUc0QVlRQnRBR1VBY3dC?= =?us-ascii?Q?ZkFISUFaUUJ6QUhRQWNnQnBBR01BZEFCbEFHUUFYd0J0QUdFQWNnQjJBR1VB?= =?us-ascii?Q?YkFCc0FBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFB?= =?us-ascii?Q?QUFBQUFBQWdBQUFBQUFuZ0FBQUcwQVlRQnlBSFlBWlFCc0FHd0FYd0J3QUhJ?= =?us-ascii?Q?QWJ3QnFBR1VBWXdCMEFGOEFiZ0JoQUcwQVpRQnpBRjhBY2dCbEFITUFkQUJ5?= =?us-ascii?Q?QUdrQVl3QjBBR1VBWkFCZkFHMEFZUUJ5QUhZQVpRQnNBR3dBWHdCdkFISUFY?= =?us-ascii?Q?d0JoQUhJQWJRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBUUFBQUFBQUFBQUNBQUFBQUFD?= =?us-ascii?Q?ZUFBQUFiUUJoQUhJQWRnQmxBR3dBYkFCZkFIUUFaUUJ5QUcwQWFRQnVBSFVB?= =?us-ascii?Q?Y3dBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQkFBQUFBQUFBQUFJQUFBQUFBSjRBQUFCdEFHRUFjZ0Iy?= =?us-ascii?Q?QUdVQWJBQnNBRjhBZHdCdkFISUFaQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB?= =?us-ascii?Q?QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUVB?= =?us-ascii?Q?QUFBQUFBQUFBZ0FBQUFBQWhBWUFBQUFBQUFBY0FBQUFBUUFBQUFBQUFBQ2xO?= =?us-ascii?Q?RkN1N3R0U1NxdUZudUFKT2U1REhBQUFBQUVB?= x-dg-reffive: =?us-ascii?Q?QUFBQUFBQUExMGdmY2IxTHNrZVBPcjVIdlBFMXF5b0FBQUFCQUFBQUlnQUFB?= =?us-ascii?Q?QUFBQUFCakFHOEFiZ0JtQUdrQVpBQmxBRzRBZEFCcEFHRUFiQUFBQUJvR0FB?= =?us-ascii?Q?QVpBQUFBR0FBQUFBQUFBQUJoQUdRQVpBQnlBR1VBY3dCekFBQUFKQUFBQUFF?= =?us-ascii?Q?QUFBQmpBSFVBY3dCMEFHOEFiUUJmQUhBQVpRQnlBSE1BYndCdUFBQUFMZ0FB?= =?us-ascii?Q?QUFBQUFBQmpBSFVBY3dCMEFHOEFiUUJmQUhBQWFBQnZBRzRBWlFCdUFIVUFi?= =?us-ascii?Q?UUJpQUdVQWNnQUFBREFBQUFBQUFBQUFZd0IxQUhNQWRBQnZBRzBBWHdCekFI?= =?us-ascii?Q?TUFiZ0JmQUdRQVlRQnpBR2dBWHdCMkFEQUFNZ0FBQURBQUFBQUFBQUFBWXdC?= =?us-ascii?Q?MUFITUFkQUJ2QUcwQVh3QnpBSE1BYmdCZkFHc0FaUUI1QUhjQWJ3QnlBR1FB?= =?us-ascii?Q?Y3dBQUFENEFBQUFBQUFBQVl3QjFBSE1BZEFCdkFHMEFYd0J6QUhNQWJnQmZB?= =?us-ascii?Q?RzRBYndCa0FHVUFiQUJwQUcwQWFRQjBBR1VBY2dCZkFIWUFNQUF5QUFBQU1n?= =?us-ascii?Q?QUFBQUFBQUFCakFIVUFjd0IwQUc4QWJRQmZBSE1BY3dCdUFGOEFjd0J3QUdF?= =?us-ascii?Q?QVl3QmxBRjhBZGdBd0FESUFBQUErQUFBQUFBQUFBR1FBYkFCd0FGOEFjd0Jy?= =?us-ascii?Q?QUhrQWNBQmxBRjhBWXdCb0FHRUFkQUJmQUcwQVpRQnpBSE1BWVFCbkFHVUFY?= =?us-ascii?Q?d0IyQURBQU1nQUFBRFlBQUFBQUFBQUFaQUJzQUhBQVh3QnpBR3dBWVFCakFH?= =?us-ascii?Q?c0FYd0JqQUdnQVlRQjBBRjhBYlFCbEFITUFjd0JoQUdjQVpRQUFBRGdBQUFB?= =?us-ascii?Q?QUFBQUFaQUJzQUhBQVh3QjBBR1VBWVFCdEFITUFYd0J2QUc0QVpRQmtBSElB?= =?us-ascii?Q?YVFCMkFHVUFYd0JtQUdrQWJBQmxBQUFBSkFBQUFBRUFBQUJsQUcwQVlRQnBB?= =?us-ascii?Q?R3dBWHdCaEFHUUFaQUJ5QUdVQWN3QnpBQUFBV0FBQUFBQUFBQUJ0QUdFQWNn?= =?us-ascii?Q?QjJBR1VBYkFCZkFIQUFjZ0J2QUdvQVpRQmpBSFFBWHdCdUFHRUFiUUJsQUhN?= =?us-ascii?Q?QVh3QmpBRzhBYmdCbUFHa0FaQUJsQUc0QWRBQnBBR0VBYkFCZkFHRUFiQUJ2?= =?us-ascii?Q?QUc0QVpRQUFBRlFBQUFBQUFBQUFiUUJoQUhJQWRnQmxBR3dBWHdCd0FISUFi?= =?us-ascii?Q?d0JxQUdVQVl3QjBBRjhBYmdCaEFHMEFaUUJ6QUY4QWNnQmxBSE1BZEFCeUFH?= =?us-ascii?Q?a0FZd0IwQUdVQVpBQmZBR0VBYkFCdkFHNEFaUUFBQUZvQUFBQUFBQUFBYlFC?= =?us-ascii?Q?aEFISUFkZ0JsQUd3QVh3QndBSElBYndCcUFHVUFZd0IwQUY4QWJnQmhBRzBB?= =?us-ascii?Q?WlFCekFGOEFjZ0JsQUhNQWRBQnlBR2tBWXdCMEFHVUFaQUJmQUdnQVpRQjRB?= =?us-ascii?Q?R01BYndCa0FHVUFjd0FBQUNBQUFBQUJBQUFB?= x-dg-refsix: =?us-ascii?Q?YlFCaEFISUFkZ0JsQUd3QWJBQmZBR0VBY2dCdEFBQUFKZ0FBQUFBQUFBQnRB?= =?us-ascii?Q?R0VBY2dCMkFHVUFiQUJzQUY4QVp3QnZBRzhBWndCc0FHVUFBQUEwQUFBQUFB?= =?us-ascii?Q?QUFBRzBBWVFCeUFIWUFaUUJzQUd3QVh3QndBSElBYndCcUFHVUFZd0IwQUY4?= =?us-ascii?Q?QVl3QnZBR1FBWlFCekFBQUFQZ0FBQUFBQUFBQnRBR0VBY2dCMkFHVUFiQUJz?= =?us-ascii?Q?QUY4QWNBQnlBRzhBYWdCbEFHTUFkQUJmQUdNQWJ3QmtBR1VBY3dCZkFHUUFh?= =?us-ascii?Q?UUJqQUhRQUFBQmVBQUFBQUFBQUFHMEFZUUJ5QUhZQVpRQnNBR3dBWHdCd0FI?= =?us-ascii?Q?SUFid0JxQUdVQVl3QjBBRjhBYmdCaEFHMEFaUUJ6QUY4QVl3QnZBRzRBWmdC?= =?us-ascii?Q?cEFHUUFaUUJ1QUhRQWFRQmhBR3dBWHdCdEFHRUFjZ0IyQUdVQWJBQnNBQUFB?= =?us-ascii?Q?YkFBQUFBRUFBQUJ0QUdFQWNnQjJBR1VBYkFCc0FGOEFjQUJ5QUc4QWFnQmxB?= =?us-ascii?Q?R01BZEFCZkFHNEFZUUJ0QUdVQWN3QmZBR01BYndCdUFHWUFhUUJrQUdVQWJn?= =?us-ascii?Q?QjBBR2tBWVFCc0FGOEFiUUJoQUhJQWRnQmxBR3dBYkFCZkFHOEFjZ0JmQUdF?= =?us-ascii?Q?QWNnQnRBQUFBY2dBQUFBQUFBQUJ0QUdFQWNnQjJBR1VBYkFCc0FGOEFjQUJ5?= =?us-ascii?Q?QUc4QWFnQmxBR01BZEFCZkFHNEFZUUJ0QUdVQWN3QmZBR01BYndCdUFHWUFh?= =?us-ascii?Q?UUJrQUdVQWJnQjBBR2tBWVFCc0FGOEFiUUJoQUhJQWRnQmxBR3dBYkFCZkFH?= =?us-ascii?Q?OEFjZ0JmQUdjQWJ3QnZBR2NBYkFCbEFBQUFXZ0FBQUFBQUFBQnRBR0VBY2dC?= =?us-ascii?Q?MkFHVUFiQUJzQUY4QWNBQnlBRzhBYWdCbEFHTUFkQUJmQUc0QVlRQnRBR1VB?= =?us-ascii?Q?Y3dCZkFISUFaUUJ6QUhRQWNnQnBBR01BZEFCbEFHUUFYd0J0QUdFQWNnQjJB?= =?us-ascii?Q?R1VBYkFCc0FBQUFhQUFBQUFBQUFBQnRBR0VBY2dCMkFHVUFiQUJzQUY4QWNB?= =?us-ascii?Q?QnlBRzhBYWdCbEFHTUFkQUJmQUc0QVlRQnRBR1VBY3dCZkFISUFaUUJ6QUhR?= =?us-ascii?Q?QWNnQnBBR01BZEFCbEFHUUFYd0J0QUdFQWNnQjJBR1VBYkFCc0FGOEFid0J5?= =?us-ascii?Q?QUY4QVlRQnlBRzBBQUFBcUFBQUFBQUFBQUcwQVlRQnlBSFlBWlFCc0FHd0FY?= =?us-ascii?Q?d0IwQUdVQWNnQnRBR2tBYmdCMUFITUFBQUFpQUFBQUFBQUFBRzBBWVFCeUFI?= =?us-ascii?Q?WUFaUUJzQUd3QVh3QjNBRzhBY2dCa0FBQUEiLz48L21ldGE+?= x-dg-tag-bcast: {BB38C8B4-BBDA-40C5-8168-0013E523D1A2} x-ms-publictraffictype: Email x-ms-traffictypediagnostic: CO6PR18MB4484:EE_|LV3PR18MB5591:EE_ x-ms-office365-filtering-correlation-id: e2c50a1c-2c6b-496b-1c0b-08db5cf19811 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: VRTglc/Tt8qiHbUAo/MG00UP5CNMpfxnnSJOsp8f3Hg0PBjEzqXZ/fIum+cR/9R7iCQghEPpvQoqqf3wP7BFQnsC91K/GYCFme4ZzJkMBs3i+w+Nkdv7QOFbTY/Wk3VXKMw3AR9xaHFNfrwNOmsvIBwwa1oACBmqb7AVCgMJDpqYFKaV20pk15XLFoXdviA6LTUlxRE13RxWnExSnbKaWgEXNgYkqn5YlMsq9gzX28NkusiNsnf2z1Nvidyp50PTjQK8scAPWq8/EwPg3ExibpUzuuy1MrmZzA5v82AZszP9YK9nlCjDzhasKdS9WEzHjuatStgkAstfaI7sbt3taLH+bjDRIFj6MFANWZaNWOJyIo3rpfw4Y1vl/YLQxPtcXIqrg44DIM00tQ7xg2Bvr74gZP+BXZmWF5OajNfbCnkO5HsPYfAy2BErIZnqwLj2PD33ONqnI/9GuHrTII/dk3QaSlyTV2hP4IHFuQepQdfmh2eKghSHoNQpqesMOAMmdALMeny2K2ovZDyIdxWqYkZA130mtXqtLzfQG1sHIbTNL0CgS4+39KYbW8uboeEQMMO3u0HmnJFN6P8kChl1wU7bGlirvVNgRaze4E4jujKs5wpxrkbPg2alcbi/OKPw x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR18MB4484.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(376002)(346002)(366004)(39860400002)(396003)(136003)(451199021)(110136005)(66946007)(66476007)(76116006)(64756008)(66556008)(478600001)(4326008)(86362001)(66446008)(41300700001)(7696005)(71200400001)(316002)(38070700005)(8936002)(5660300002)(52536014)(8676002)(55016003)(38100700002)(26005)(33656002)(9686003)(186003)(55236004)(6506007)(122000001)(30864003)(2906002)(83380400001)(559001)(579004); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?glXoNVOwAUoXyykDNJIleJ5gMhIQ8yflJHwGaqdm9uAuw7wd5lAjrqBnXXnp?= =?us-ascii?Q?+xoxyZJ9ue2Px4O+LgjruJU6Af21tmAhFRJ+lL/33bCuiUrQUPdd7PB+QvHb?= =?us-ascii?Q?BbMYqD3eF4EXwXJRHoYjl5xt7PiH1MJG27zgwI4xMksGDP4GH+gQq7JNMQtc?= =?us-ascii?Q?a1uN77BkGeXNwYP1lkPUrYSclYp46Va4bE+S5sXsyAa7IknjzNZHe+Pcymjj?= =?us-ascii?Q?PUqYs45GmNvttLEi4wwWuPjdZJjMi7XRX0FopYG28HiNkkrB053oFGrH2pZB?= =?us-ascii?Q?/gdmStxuVoMvU9LWVFpyYrTrwrIqbGWQvJWMRx44w0vToysZYLnBZgQrxoyA?= =?us-ascii?Q?HtA7ijze9CwpGWoXeF4ehv68E1Y99zy6BqC3JI+kpFio5a94NGFyM/oDPDdv?= =?us-ascii?Q?vsyE0wIxNeFk2pNsPlquq+MZk+FpGDMOCw9w6g/g86sojIigRrSi0cId4fAu?= =?us-ascii?Q?GUXGRxFaIHCKT1QQmnCQAvINqoe5V+X00tHVaYBzvdUxle7lU3C4AQAo9d1+?= =?us-ascii?Q?8Rbm8gBbWVjqs7GANGloDeuRlYVhzi9LwCuetJpRz6N/BEi4TLUvo8ZOP1Nj?= =?us-ascii?Q?vdBTMrgSst9nTwPCEfUJfs/BfzfUxvTJf7eL3g/DzkiJAqhbJosUUdz+NrR8?= =?us-ascii?Q?rV/Unb4XYXBObj3m7f73jCBoCZCMjn/QhVcFv2qtBhRuVHH7dsuGN3ReJzP9?= =?us-ascii?Q?BoUDNlmc/j6Pjnk6mdIg5ZksO8e76CVtrM5FZntWY9TiQiQHlGHoHkMzFOsr?= =?us-ascii?Q?h8TLsHiq4ZfZE/cOjLioCtifzXwgeEv8E9/xFxPOBpq24N65gWrGfyT9ygck?= =?us-ascii?Q?YqDJxPsw3EidEgL4d9rnp38Cn8DcKMd3qOglXlwDAi/yVJGFfHIL4OLJ7KKt?= =?us-ascii?Q?Xis0/TCIzyYlx3zF+3wqMHfW8ZrjCGWIRRQxB0XCA11+cU2zVuVDwDZr7/X7?= =?us-ascii?Q?svGxBgGei3vyOQ9qZnX6vV6SdgFUmBH9aIEZNmLOAoM838ShfabHLHB3nMEP?= =?us-ascii?Q?ivYUU2xY/OKmaXNoZYJJ1vKO4gOdI3UhsCkKzPUZm/BtmFqQBq6da1A3XKy2?= =?us-ascii?Q?h988WzVc23s7yX49fjpEG2qYs2f8qcDDnJDF22Xi7veJ5yjW/Uv0R/j8E6DW?= =?us-ascii?Q?QyqfdDgXRU71BVy9ZvUa3z7kt0jF1/Mj1ZF+YF95PbfJbe9lVXWWCq02Fke6?= =?us-ascii?Q?zE2YHT/+47wXPDF3GTRiK9BLSra/exNIGsakm+VUubYUpPZxVCh3VndPELs1?= =?us-ascii?Q?QmnSwxLT0+TUwzWwPHIz6OeuzsXy+sHW/r1jD89YfpdclBknAsSkKR35eNhb?= =?us-ascii?Q?dXmpoolCPkIvMqPEYbme2PZRiYHYFyet1c489y4iEzWIgi2Qayv1q6zpr0JV?= =?us-ascii?Q?5IOlDFADtY+8/RLYRxC2GTDmcGjF8ZtWMEfgQXazBhIFA1QHV6E7VtY+3CV8?= =?us-ascii?Q?rorLrzuwRgjVEjY9TH/Tb2Ipse+brxQOE2pY6/UlHvZUTR25eD482JGQGIaG?= =?us-ascii?Q?eUFIlwDLIfGRQ4wdp2qNcg1xU9zORf/Q1WZPpl7wK94fc7T85aUsXF35H8fQ?= =?us-ascii?Q?0x3vheyZbZ3U0MteUVTk1m53oFPQqW0YqqyOyLeQ?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR18MB4484.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: e2c50a1c-2c6b-496b-1c0b-08db5cf19811 X-MS-Exchange-CrossTenant-originalarrivaltime: 25 May 2023 07:28:11.0567 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: GZnQhwZr4MS9kyd/QeCx0iqSe/bcFbFUMLYsIKBMXQubvGhIX77fXRvNSSEw/svMCTqWD7TIwujuyywCz/XZRw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV3PR18MB5591 X-Proofpoint-GUID: CUtU8E-zU4EbOR3Iw18tdFXrUZU-Uz_f X-Proofpoint-ORIG-GUID: CUtU8E-zU4EbOR3Iw18tdFXrUZU-Uz_f X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26 definitions=2023-05-25_03,2023-05-24_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > Subject: [EXT] [PATCH v3] crypto/qat: default to IPsec MB for pre and pos= t > computes Please reword the title to make it smaller. And please rebase the patch. It does not apply to top of next-crypto >=20 > Pre and post computations currently use the OpenSSL library by default. > This patch changes the default option to Intel IPsec MB library version > 1.4 for the required computations. If this version of IPsec is not met > it will fallback to use OpenSSL. >=20 > Added version checks for libipsecmb and libcrypto into meson build. > Added directives for detecting IPsec MB or OpenSSL. >=20 > Signed-off-by: Brian Dooley > --- > v3: > Fix checkpatch warnings by replacing return with goto > v2: > OpenSSL code reintroduced as a fallback feature if Intel IPsec MB 1.4 > not available > --- > doc/guides/cryptodevs/qat.rst | 14 +- > drivers/common/qat/meson.build | 30 +- > drivers/common/qat/qat_device.c | 1 - > drivers/common/qat/qat_device.h | 3 +- > drivers/crypto/qat/dev/qat_crypto_pmd_gens.h | 10 + > drivers/crypto/qat/qat_sym.c | 9 +- > drivers/crypto/qat/qat_sym.h | 27 + > drivers/crypto/qat/qat_sym_session.c | 874 ++++++++++--------- > drivers/crypto/qat/qat_sym_session.h | 14 + > 9 files changed, 542 insertions(+), 440 deletions(-) >=20 > diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rs= t > index ef754106a8..91b32d9639 100644 > --- a/doc/guides/cryptodevs/qat.rst > +++ b/doc/guides/cryptodevs/qat.rst > @@ -294,18 +294,12 @@ by comma. When the same parameter is used more > than once first occurrence of the > is used. > Maximum threshold that can be set is 32. >=20 > -Running QAT PMD with Intel IPSEC MB library for symmetric precomputes > function > +Running QAT PMD with Intel IPsec MB library for symmetric precomputes > function >=20 > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > ~~~~~~~~~~~~~ >=20 > -The QAT PMD use Openssl library for partial hash calculation in symmetir= c > precomputes function by > -default, the following parameter is allow QAT PMD switch over to multi-b= uffer > job API if Intel > -IPSEC MB library installed on system. > - > -- qat_ipsec_mb_lib > - > -To use this feature the user must set the parameter on process start as = a device > additional parameter:: > - > - -a 03:01.1,qat_ipsec_mb_lib=3D1 > +The QAT PMD uses Intel IPsec MB library for partial hash calculation in > symmetric precomputes function by > +default, the minimum required version of IPsec MB library is v1.4. If th= is version > of IPsec is not met it > +will fallback to use OpenSSL >=20 >=20 > Device and driver naming > diff --git a/drivers/common/qat/meson.build > b/drivers/common/qat/meson.build > index b84e5b3c6c..9c5eb99acd 100644 > --- a/drivers/common/qat/meson.build > +++ b/drivers/common/qat/meson.build > @@ -28,30 +28,37 @@ if disable_drivers.contains(qat_compress_path) > endif >=20 > libcrypto =3D dependency('libcrypto', required: false, method: 'pkg-conf= ig') > -if qat_crypto and not libcrypto.found() > - qat_crypto =3D false > - dpdk_drvs_disabled +=3D qat_crypto_path > - set_variable(qat_crypto_path.underscorify() + '_disable_reason', > - 'missing dependency, libcrypto') > -endif >=20 > -IMB_required_ver =3D '1.2.0' > +IMB_required_ver =3D '1.4.0' > IMB_header =3D '#include' > if arch_subdir =3D=3D 'arm' > IMB_header =3D '#include' > endif > libipsecmb =3D cc.find_library('IPSec_MB', required: false) > -libcrypto_3 =3D dependency('libcrypto', required: false, > - method: 'pkg-config', version : '>=3D3.0.0') > -if libipsecmb.found() and libcrypto_3.found() > +if libipsecmb.found() > # version comes with quotes, so we split based on " and take the mid= dle > imb_ver =3D cc.get_define('IMB_VERSION_STR', > prefix : IMB_header).split('"')[1] >=20 > if (imb_ver.version_compare('>=3D' + IMB_required_ver)) > ext_deps +=3D libipsecmb > - dpdk_conf.set('RTE_QAT_LIBIPSECMB', true) > + elif libcrypto.found() > + ext_deps +=3D libcrypto > + dpdk_conf.set('RTE_QAT_OPENSSL', true) > + else > + qat_crypto =3D false > + dpdk_drvs_disabled +=3D qat_crypto_path > + set_variable(qat_crypto_path.underscorify() + '_disable_reason', > + 'missing dependency, libipsecmb or libcrypto') > endif > +elif libcrypto.found() > + ext_deps +=3D libcrypto > + dpdk_conf.set('RTE_QAT_OPENSSL', true) > +else > + qat_crypto =3D false > + dpdk_drvs_disabled +=3D qat_crypto_path > + set_variable(qat_crypto_path.underscorify() + '_disable_reason', > + 'missing dependency, libipsecmb or libcrypto') > endif >=20 > # The driver should not build if both compression and crypto are disable= d > @@ -103,6 +110,5 @@ if qat_crypto > sources +=3D files(join_paths(qat_crypto_relpath, f)) > endforeach > deps +=3D ['security'] > - ext_deps +=3D libcrypto > cflags +=3D ['-DBUILD_QAT_SYM', '-DBUILD_QAT_ASYM'] > endif > diff --git a/drivers/common/qat/qat_device.c > b/drivers/common/qat/qat_device.c > index 8bce2ac073..cf9a89dc0c 100644 > --- a/drivers/common/qat/qat_device.c > +++ b/drivers/common/qat/qat_device.c > @@ -365,7 +365,6 @@ static int qat_pci_probe(struct rte_pci_driver *pci_d= rv > __rte_unused, > struct qat_pci_device *qat_pci_dev; > struct qat_dev_hw_spec_funcs *ops_hw; > struct qat_dev_cmd_param qat_dev_cmd_param[] =3D { > - { QAT_IPSEC_MB_LIB, 0 }, > { SYM_ENQ_THRESHOLD_NAME, 0 }, > { ASYM_ENQ_THRESHOLD_NAME, 0 }, > { COMP_ENQ_THRESHOLD_NAME, 0 }, > diff --git a/drivers/common/qat/qat_device.h > b/drivers/common/qat/qat_device.h > index bc3da04238..873a5583ad 100644 > --- a/drivers/common/qat/qat_device.h > +++ b/drivers/common/qat/qat_device.h > @@ -17,12 +17,11 @@ >=20 > #define QAT_DEV_NAME_MAX_LEN 64 >=20 > -#define QAT_IPSEC_MB_LIB "qat_ipsec_mb_lib" > #define SYM_ENQ_THRESHOLD_NAME "qat_sym_enq_threshold" > #define ASYM_ENQ_THRESHOLD_NAME "qat_asym_enq_threshold" > #define COMP_ENQ_THRESHOLD_NAME "qat_comp_enq_threshold" > #define QAT_CMD_SLICE_MAP "qat_cmd_slice_disable" > -#define QAT_CMD_SLICE_MAP_POS 4 > +#define QAT_CMD_SLICE_MAP_POS 3 > #define MAX_QP_THRESHOLD_SIZE 32 >=20 > /** > diff --git a/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h > b/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h > index 524c291340..b04de0e983 100644 > --- a/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h > +++ b/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h > @@ -82,8 +82,13 @@ qat_bpicipher_preprocess(struct qat_sym_session *ctx, > QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: dst before pre- > process:", > dst, last_block_len); > #endif > +#ifdef RTE_QAT_OPENSSL > op_bpi_cipher_decrypt(last_block, dst, iv, block_len, > last_block_len, ctx->bpi_ctx); > +#else > + bpi_cipher_ipsec(last_block, dst, iv, last_block_len, ctx- > >expkey, > + ctx->mb_mgr, ctx->docsis_key_len); > +#endif > #if RTE_LOG_DP_LEVEL >=3D RTE_LOG_DEBUG > QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: src after pre-process:", > last_block, last_block_len); > @@ -231,7 +236,12 @@ qat_sym_convert_op_to_vec_cipher(struct > rte_crypto_op *op, > cipher_ofs =3D op->sym->cipher.data.offset >> 3; > break; > case 0: > + > +#ifdef RTE_QAT_OPENSSL > if (ctx->bpi_ctx) { > +#else > + if (ctx->mb_mgr) { > +#endif > /* DOCSIS - only send complete blocks to device. > * Process any partial block using CFB mode. > * Even if 0 complete blocks, still send this to device > diff --git a/drivers/crypto/qat/qat_sym.c b/drivers/crypto/qat/qat_sym.c > index 08e92191a3..ac3a44395e 100644 > --- a/drivers/crypto/qat/qat_sym.c > +++ b/drivers/crypto/qat/qat_sym.c > @@ -1,5 +1,5 @@ > /* SPDX-License-Identifier: BSD-3-Clause > - * Copyright(c) 2015-2022 Intel Corporation > + * Copyright(c) 2015-2023 Intel Corporation > */ >=20 > #include > @@ -16,7 +16,6 @@ > #include "qat_qp.h" >=20 > uint8_t qat_sym_driver_id; > -int qat_ipsec_mb_lib; >=20 > struct qat_crypto_gen_dev_ops qat_sym_gen_dev_ops[QAT_N_GENS]; >=20 > @@ -110,7 +109,11 @@ qat_sym_build_request(void *in_op, uint8_t > *out_msg, > struct rte_cryptodev *cdev; > struct qat_cryptodev_private *internals; >=20 > +#ifdef RTE_QAT_OPENSSL > if (unlikely(ctx->bpi_ctx =3D=3D NULL)) { > +#else > + if (unlikely(ctx->mb_mgr =3D=3D NULL)) { > +#endif > QAT_DP_LOG(ERR, "QAT PMD only supports > security" > " operation requests for" > " DOCSIS, op (%p) is not for" > @@ -279,8 +282,6 @@ qat_sym_dev_create(struct qat_pci_device > *qat_pci_dev, > if (!strcmp(qat_dev_cmd_param[i].name, > SYM_ENQ_THRESHOLD_NAME)) > internals->min_enq_burst_threshold =3D > qat_dev_cmd_param[i].val; > - if (!strcmp(qat_dev_cmd_param[i].name, QAT_IPSEC_MB_LIB)) > - qat_ipsec_mb_lib =3D qat_dev_cmd_param[i].val; > if (!strcmp(qat_dev_cmd_param[i].name, > QAT_CMD_SLICE_MAP)) > slice_map =3D qat_dev_cmd_param[i].val; > i++; > diff --git a/drivers/crypto/qat/qat_sym.h b/drivers/crypto/qat/qat_sym.h > index 9a4251e08b..a839f7ad7a 100644 > --- a/drivers/crypto/qat/qat_sym.h > +++ b/drivers/crypto/qat/qat_sym.h > @@ -163,6 +163,20 @@ bpi_cipher_encrypt(uint8_t *src, uint8_t *dst, > return -EINVAL; > } >=20 > +#ifndef RTE_QAT_OPENSSL > +static __rte_always_inline void > +bpi_cipher_ipsec(uint8_t *src, uint8_t *dst, uint8_t *iv, int srclen, > + uint64_t *expkey, IMB_MGR *m, uint8_t docsis_key_len) > +{ > + if (docsis_key_len =3D=3D ICP_QAT_HW_AES_128_KEY_SZ) > + IMB_AES128_CFB_ONE(m, dst, src, (uint64_t *)iv, expkey, > srclen); > + else if (docsis_key_len =3D=3D ICP_QAT_HW_AES_256_KEY_SZ) > + IMB_AES256_CFB_ONE(m, dst, src, (uint64_t *)iv, expkey, > srclen); > + else if (docsis_key_len =3D=3D ICP_QAT_HW_DES_KEY_SZ) > + des_cfb_one(dst, src, (uint64_t *)iv, expkey, srclen); > +} > +#endif > + > static inline uint32_t > qat_bpicipher_postprocess(struct qat_sym_session *ctx, > struct rte_crypto_op *op) > @@ -207,8 +221,13 @@ qat_bpicipher_postprocess(struct qat_sym_session > *ctx, > "BPI: dst before post-process:", > dst, last_block_len); > #endif > +#ifdef RTE_QAT_OPENSSL > bpi_cipher_encrypt(last_block, dst, iv, block_len, > last_block_len, ctx->bpi_ctx); > +#else > + bpi_cipher_ipsec(last_block, dst, iv, last_block_len, ctx- > >expkey, > + ctx->mb_mgr, ctx->docsis_key_len); > +#endif > #if RTE_LOG_DP_LEVEL >=3D RTE_LOG_DEBUG > QAT_DP_HEXDUMP_LOG(DEBUG, "BPI: src after post-process:", > last_block, last_block_len); > @@ -279,7 +298,11 @@ qat_sym_preprocess_requests(void **ops, uint16_t > nb_ops) > if (op->sess_type =3D=3D RTE_CRYPTO_OP_SECURITY_SESSION) { > ctx =3D SECURITY_GET_SESS_PRIV(op->sym->session); >=20 > +#ifdef RTE_QAT_OPENSSL > if (ctx =3D=3D NULL || ctx->bpi_ctx =3D=3D NULL) > +#else > + if (ctx =3D=3D NULL || ctx->mb_mgr =3D=3D NULL) > +#endif > continue; >=20 > qat_crc_generate(ctx, op); > @@ -327,7 +350,11 @@ qat_sym_process_response(void **op, uint8_t *resp, > void *op_cookie, > } else { > rx_op->status =3D RTE_CRYPTO_OP_STATUS_SUCCESS; >=20 > +#ifdef RTE_QAT_OPENSSL > if (sess->bpi_ctx) { > +#else > + if (sess->mb_mgr) { > +#endif > qat_bpicipher_postprocess(sess, rx_op); > #ifdef RTE_LIB_SECURITY > if (is_docsis_sec) > diff --git a/drivers/crypto/qat/qat_sym_session.c > b/drivers/crypto/qat/qat_sym_session.c > index 6ad6c7ee3a..07e01e8f60 100644 > --- a/drivers/crypto/qat/qat_sym_session.c > +++ b/drivers/crypto/qat/qat_sym_session.c > @@ -9,7 +9,7 @@ > #include /* Needed to calculate pre-compute values */ > #include /* Needed for bpi runt block processing */ >=20 > -#ifdef RTE_QAT_LIBIPSECMB > +#ifndef RTE_QAT_OPENSSL > #define NO_COMPAT_IMB_API_053 > #if defined(RTE_ARCH_ARM) > #include > @@ -33,6 +33,7 @@ > #include "qat_sym_session.h" > #include "qat_sym.h" >=20 > +#ifdef RTE_QAT_OPENSSL > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > #include >=20 > @@ -65,8 +66,7 @@ static void ossl_legacy_provider_unload(void) > OSSL_PROVIDER_unload(default_lib); > } > #endif > - > -extern int qat_ipsec_mb_lib; > +#endif >=20 > /* SHA1 - 20 bytes - Initialiser state can be found in FIPS stds 180-2 *= / > static const uint8_t sha1InitialState[] =3D { > @@ -133,6 +133,7 @@ qat_sym_session_finalize(struct qat_sym_session > *session) > qat_sym_session_init_common_hdr(session); > } >=20 > +#ifdef RTE_QAT_OPENSSL > /** Frees a context previously created > * Depends on openssl libcrypto > */ > @@ -183,6 +184,51 @@ bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm > cryptodev_algo, > } > return ret; > } > +#endif > + > +#ifndef RTE_QAT_OPENSSL > +/** Creates a context in either AES or DES in ECB mode > + */ > +static int > +ipsec_mb_ctx_init(const uint8_t *key, uint16_t key_length, > + enum rte_crypto_cipher_algorithm cryptodev_algo, > + uint64_t *expkey, uint32_t *dust, IMB_MGR **m) > +{ > + int ret; > + > + *m =3D alloc_mb_mgr(0); > + if (*m =3D=3D NULL) > + return -ENOMEM; > + > + init_mb_mgr_auto(*m, NULL); > + > + if (cryptodev_algo =3D=3D RTE_CRYPTO_CIPHER_AES_DOCSISBPI) { > + if (key_length =3D=3D ICP_QAT_HW_AES_128_KEY_SZ) > + IMB_AES_KEYEXP_128(*m, key, expkey, dust); > + else if (key_length =3D=3D ICP_QAT_HW_AES_256_KEY_SZ) > + IMB_AES_KEYEXP_256(*m, key, expkey, dust); > + else { > + ret =3D -EFAULT; > + goto error_out; > + } > + } else if (cryptodev_algo =3D=3D RTE_CRYPTO_CIPHER_DES_DOCSISBPI) { > + if (key_length =3D=3D ICP_QAT_HW_DES_KEY_SZ) > + IMB_DES_KEYSCHED(*m, (uint64_t *)expkey, key); > + else { > + ret =3D -EFAULT; > + goto error_out; > + } > + } > + return 0; > + > +error_out: > + if (*m) { > + free_mb_mgr(*m); > + *m =3D NULL; > + } > + return ret; > +} > +#endif >=20 > static int > qat_is_cipher_alg_supported(enum rte_crypto_cipher_algorithm algo, > @@ -232,8 +278,13 @@ qat_sym_session_clear(struct rte_cryptodev *dev > __rte_unused, > { > struct qat_sym_session *s =3D CRYPTODEV_GET_SYM_SESS_PRIV(sess); >=20 > +#ifdef RTE_QAT_OPENSSL > if (s->bpi_ctx) > bpi_cipher_ctx_free(s->bpi_ctx); > +#else > + if (s->mb_mgr) > + free_mb_mgr(s->mb_mgr); > +#endif > } >=20 > static int > @@ -396,12 +447,23 @@ qat_sym_session_configure_cipher(struct > rte_cryptodev *dev, > session->qat_mode =3D ICP_QAT_HW_CIPHER_CTR_MODE; > break; > case RTE_CRYPTO_CIPHER_DES_DOCSISBPI: > +#ifdef RTE_QAT_OPENSSL > ret =3D bpi_cipher_ctx_init( > cipher_xform->algo, > cipher_xform->op, > cipher_xform->key.data, > cipher_xform->key.length, > &session->bpi_ctx); > +#else > + session->docsis_key_len =3D cipher_xform->key.length; > + ret =3D ipsec_mb_ctx_init( > + cipher_xform->key.data, > + cipher_xform->key.length, > + cipher_xform->algo, > + session->expkey, > + session->dust, > + &session->mb_mgr); > +#endif > if (ret !=3D 0) { > QAT_LOG(ERR, "failed to create DES BPI ctx"); > goto error_out; > @@ -415,12 +477,23 @@ qat_sym_session_configure_cipher(struct > rte_cryptodev *dev, > session->qat_mode =3D ICP_QAT_HW_CIPHER_CBC_MODE; > break; > case RTE_CRYPTO_CIPHER_AES_DOCSISBPI: > +#ifdef RTE_QAT_OPENSSL > ret =3D bpi_cipher_ctx_init( > cipher_xform->algo, > cipher_xform->op, > cipher_xform->key.data, > cipher_xform->key.length, > &session->bpi_ctx); > +#else > + session->docsis_key_len =3D cipher_xform->key.length; > + ret =3D ipsec_mb_ctx_init( > + cipher_xform->key.data, > + cipher_xform->key.length, > + cipher_xform->algo, > + session->expkey, > + session->dust, > + &session->mb_mgr); > +#endif > if (ret !=3D 0) { > QAT_LOG(ERR, "failed to create AES BPI ctx"); > goto error_out; > @@ -506,10 +579,18 @@ qat_sym_session_configure_cipher(struct > rte_cryptodev *dev, > return 0; >=20 > error_out: > +#ifdef RTE_QAT_OPENSSL > if (session->bpi_ctx) { > bpi_cipher_ctx_free(session->bpi_ctx); > session->bpi_ctx =3D NULL; > } > +#else > + if (session->mb_mgr) { > + free_mb_mgr(session->mb_mgr); > + session->mb_mgr =3D NULL; > + } > + > +#endif > return ret; > } >=20 > @@ -520,8 +601,10 @@ qat_sym_session_configure(struct rte_cryptodev *dev, > { > int ret; >=20 > +#ifdef RTE_QAT_OPENSSL > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > ossl_legacy_provider_load(); > +#endif > #endif > ret =3D qat_sym_session_set_parameters(dev, xform, > CRYPTODEV_GET_SYM_SESS_PRIV(sess), > @@ -533,8 +616,10 @@ qat_sym_session_configure(struct rte_cryptodev *dev, > return ret; > } >=20 > +#ifdef RTE_QAT_OPENSSL > # if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > ossl_legacy_provider_unload(); > +# endif > # endif > return 0; > } > @@ -1156,57 +1241,91 @@ static int qat_hash_get_block_size(enum > icp_qat_hw_auth_algo qat_hash_alg) > #define HMAC_OPAD_VALUE 0x5c > #define HASH_XCBC_PRECOMP_KEY_NUM 3 >=20 > -static const uint8_t AES_CMAC_SEED[ICP_QAT_HW_AES_128_KEY_SZ]; > +#ifdef RTE_QAT_OPENSSL > +static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) > +{ > + SHA_CTX ctx; >=20 > -#ifdef RTE_QAT_LIBIPSECMB > -static int aes_ipsecmb_job(uint8_t *in, uint8_t *out, IMB_MGR *m, > - const uint8_t *key, uint16_t auth_keylen) > + if (!SHA1_Init(&ctx)) > + return -EFAULT; > + SHA1_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); > + return 0; > +} > + > +static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) > { > - int err; > - struct IMB_JOB *job; > - DECLARE_ALIGNED(uint32_t expkey[4*15], 16); > - DECLARE_ALIGNED(uint32_t dust[4*15], 16); > + SHA256_CTX ctx; >=20 > - if (auth_keylen =3D=3D ICP_QAT_HW_AES_128_KEY_SZ) > - IMB_AES_KEYEXP_128(m, key, expkey, dust); > - else if (auth_keylen =3D=3D ICP_QAT_HW_AES_192_KEY_SZ) > - IMB_AES_KEYEXP_192(m, key, expkey, dust); > - else if (auth_keylen =3D=3D ICP_QAT_HW_AES_256_KEY_SZ) > - IMB_AES_KEYEXP_256(m, key, expkey, dust); > - else > + if (!SHA224_Init(&ctx)) > return -EFAULT; > + SHA256_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); > + return 0; > +} >=20 > - job =3D IMB_GET_NEXT_JOB(m); > +static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) > +{ > + SHA256_CTX ctx; >=20 > - job->src =3D in; > - job->dst =3D out; > - job->enc_keys =3D expkey; > - job->key_len_in_bytes =3D auth_keylen; > - job->msg_len_to_cipher_in_bytes =3D 16; > - job->iv_len_in_bytes =3D 0; > - job->cipher_direction =3D IMB_DIR_ENCRYPT; > - job->cipher_mode =3D IMB_CIPHER_ECB; > - job->hash_alg =3D IMB_AUTH_NULL; > + if (!SHA256_Init(&ctx)) > + return -EFAULT; > + SHA256_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); > + return 0; > +} >=20 > - while (IMB_FLUSH_JOB(m) !=3D NULL) > - ; > +static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) > +{ > + SHA512_CTX ctx; >=20 > - job =3D IMB_SUBMIT_JOB(m); > - if (job) { > - if (job->status =3D=3D IMB_STATUS_COMPLETED) > - return 0; > - } > + if (!SHA384_Init(&ctx)) > + return -EFAULT; > + SHA512_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); > + return 0; > +} >=20 > - err =3D imb_get_errno(m); > - if (err) > - QAT_LOG(ERR, "Error: %s!\n", imb_get_strerror(err)); > +static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) > +{ > + SHA512_CTX ctx; >=20 > - return -EFAULT; > + if (!SHA512_Init(&ctx)) > + return -EFAULT; > + SHA512_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); > + return 0; > +} > + > +static int partial_hash_md5(uint8_t *data_in, uint8_t *data_out) > +{ > + MD5_CTX ctx; > + > + if (!MD5_Init(&ctx)) > + return -EFAULT; > + MD5_Transform(&ctx, data_in); > + rte_memcpy(data_out, &ctx, MD5_DIGEST_LENGTH); > + > + return 0; > +} > + > +static void aes_cmac_key_derive(uint8_t *base, uint8_t *derived) > +{ > + int i; > + > + derived[0] =3D base[0] << 1; > + for (i =3D 1; i < ICP_QAT_HW_AES_BLK_SZ ; i++) { > + derived[i] =3D base[i] << 1; > + derived[i - 1] |=3D base[i] >> 7; > + } > + > + if (base[0] & 0x80) > + derived[ICP_QAT_HW_AES_BLK_SZ - 1] ^=3D > QAT_AES_CMAC_CONST_RB; > } >=20 > static int > -partial_hash_compute_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg, > - uint8_t *data_in, uint8_t *data_out, IMB_MGR *m) > +partial_hash_compute(enum icp_qat_hw_auth_algo hash_alg, > + uint8_t *data_in, uint8_t *data_out) > { > int digest_size; > uint8_t digest[qat_hash_get_digest_size( > @@ -1227,37 +1346,43 @@ partial_hash_compute_ipsec_mb(enum > icp_qat_hw_auth_algo hash_alg, >=20 > switch (hash_alg) { > case ICP_QAT_HW_AUTH_ALGO_SHA1: > - IMB_SHA1_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha1(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA224: > - IMB_SHA224_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha224(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA256: > - IMB_SHA256_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha256(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA384: > - IMB_SHA384_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha384(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 3; i++, hash_state_out_be64++) > *hash_state_out_be64 =3D > rte_bswap64(*(((uint64_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA512: > - IMB_SHA512_ONE_BLOCK(m, data_in, digest); > + if (partial_hash_sha512(data_in, digest)) > + return -EFAULT; > for (i =3D 0; i < digest_size >> 3; i++, hash_state_out_be64++) > *hash_state_out_be64 =3D > rte_bswap64(*(((uint64_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_MD5: > - IMB_MD5_ONE_BLOCK(m, data_in, data_out); > + if (partial_hash_md5(data_in, data_out)) > + return -EFAULT; > break; > default: > QAT_LOG(ERR, "invalid hash alg %u", hash_alg); > @@ -1267,108 +1392,150 @@ partial_hash_compute_ipsec_mb(enum > icp_qat_hw_auth_algo hash_alg, > return 0; > } >=20 > -static int qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo > hash_alg, > +static const uint8_t AES_CMAC_SEED[ICP_QAT_HW_AES_128_KEY_SZ]; > + > +static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg, > const uint8_t *auth_key, > uint16_t auth_keylen, > uint8_t *p_state_buf, > uint16_t *p_state_len, > uint8_t aes_cmac) > { > - int block_size =3D 0; > + int block_size; > uint8_t > ipad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; > uint8_t > opad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; > - int i, ret =3D 0; > - uint8_t in[ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ]; > - > - IMB_MGR *m; > - m =3D alloc_mb_mgr(0); > - if (m =3D=3D NULL) > - return -ENOMEM; > + int i; >=20 > - init_mb_mgr_auto(m, NULL); > - memset(in, 0, ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > if (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC) { >=20 > /* CMAC */ > if (aes_cmac) { > + AES_KEY enc_key; > + uint8_t *in =3D NULL; > + uint8_t k0[ICP_QAT_HW_AES_128_KEY_SZ]; > uint8_t *k1, *k2; > + > auth_keylen =3D ICP_QAT_HW_AES_128_KEY_SZ; > - rte_memcpy(p_state_buf, auth_key, auth_keylen); >=20 > - DECLARE_ALIGNED(uint32_t expkey[4*15], 16); > - DECLARE_ALIGNED(uint32_t dust[4*15], 16); > - IMB_AES_KEYEXP_128(m, p_state_buf, expkey, dust); > - k1 =3D p_state_buf + > ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; > - k2 =3D k1 + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; > + in =3D rte_zmalloc("AES CMAC K1", > + ICP_QAT_HW_AES_128_KEY_SZ, 16); >=20 > - IMB_AES_CMAC_SUBKEY_GEN_128(m, expkey, k1, k2); > - *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > - goto out; > - } > + if (in =3D=3D NULL) { > + QAT_LOG(ERR, "Failed to alloc memory"); > + return -ENOMEM; > + } >=20 > - static uint8_t qat_aes_xcbc_key_seed[ > - ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] =3D { > - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > - }; > + rte_memcpy(in, AES_CMAC_SEED, > + ICP_QAT_HW_AES_128_KEY_SZ); > + rte_memcpy(p_state_buf, auth_key, auth_keylen); >=20 > - uint8_t *input =3D in; > - uint8_t *out =3D p_state_buf; > - rte_memcpy(input, qat_aes_xcbc_key_seed, > - ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > - for (i =3D 0; i < HASH_XCBC_PRECOMP_KEY_NUM; i++) { > - if (aes_ipsecmb_job(input, out, m, auth_key, > auth_keylen)) { > - memset(input - > - (i * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ), > - 0, > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > - ret =3D -EFAULT; > - goto out; > + if (AES_set_encrypt_key(auth_key, auth_keylen << 3, > + &enc_key) !=3D 0) { > + rte_free(in); > + return -EFAULT; > } >=20 > - input +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > - out +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > - } > - *p_state_len =3D ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > - goto out; > + AES_encrypt(in, k0, &enc_key); >=20 > - } else if ((hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_128) || > - (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) { > - uint8_t *out =3D p_state_buf; > + k1 =3D p_state_buf + > ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; > + k2 =3D k1 + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; >=20 > - memset(p_state_buf, 0, ICP_QAT_HW_GALOIS_H_SZ + > - ICP_QAT_HW_GALOIS_LEN_A_SZ + > - ICP_QAT_HW_GALOIS_E_CTR0_SZ); > - if (aes_ipsecmb_job(in, out, m, auth_key, auth_keylen)) { > - ret =3D -EFAULT; > - goto out; > - } > + aes_cmac_key_derive(k0, k1); > + aes_cmac_key_derive(k1, k2); >=20 > - *p_state_len =3D ICP_QAT_HW_GALOIS_H_SZ + > + memset(k0, 0, ICP_QAT_HW_AES_128_KEY_SZ); > + *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > + rte_free(in); > + goto out; > + } else { > + static uint8_t qat_aes_xcbc_key_seed[ > + > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] =3D { > + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > + 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > + 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > + 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > + 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > + }; > + > + uint8_t *in =3D NULL; > + uint8_t *out =3D p_state_buf; > + int x; > + AES_KEY enc_key; > + > + in =3D rte_zmalloc("working mem for key", > + > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ, 16); > + if (in =3D=3D NULL) { > + QAT_LOG(ERR, "Failed to alloc memory"); > + return -ENOMEM; > + } > + > + rte_memcpy(in, qat_aes_xcbc_key_seed, > + > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > + for (x =3D 0; x < HASH_XCBC_PRECOMP_KEY_NUM; x++) { > + if (AES_set_encrypt_key(auth_key, > + auth_keylen << 3, > + &enc_key) !=3D 0) { > + rte_free(in - > + (x * > ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ)); > + memset(out - > + (x * > ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ), > + 0, > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > + return -EFAULT; > + } > + AES_encrypt(in, out, &enc_key); > + in +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > + out +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > + } > + *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > + rte_free(in - x*ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ); > + goto out; > + } > + > + } else if ((hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_128) || > + (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) { > + uint8_t *in =3D NULL; > + uint8_t *out =3D p_state_buf; > + AES_KEY enc_key; > + > + memset(p_state_buf, 0, ICP_QAT_HW_GALOIS_H_SZ + > + ICP_QAT_HW_GALOIS_LEN_A_SZ + > + ICP_QAT_HW_GALOIS_E_CTR0_SZ); > + in =3D rte_zmalloc("working mem for key", > + ICP_QAT_HW_GALOIS_H_SZ, 16); > + if (in =3D=3D NULL) { > + QAT_LOG(ERR, "Failed to alloc memory"); > + return -ENOMEM; > + } > + > + memset(in, 0, ICP_QAT_HW_GALOIS_H_SZ); > + if (AES_set_encrypt_key(auth_key, auth_keylen << 3, > + &enc_key) !=3D 0) { > + return -EFAULT; > + } > + AES_encrypt(in, out, &enc_key); > + *p_state_len =3D ICP_QAT_HW_GALOIS_H_SZ + > ICP_QAT_HW_GALOIS_LEN_A_SZ + > ICP_QAT_HW_GALOIS_E_CTR0_SZ; > - goto out; > + rte_free(in); > + return 0; > } >=20 > block_size =3D qat_hash_get_block_size(hash_alg); > - if (block_size < 0) { > - free_mb_mgr(m); > + if (block_size < 0) > return block_size; > - } > + /* init ipad and opad from key and xor with fixed values */ > + memset(ipad, 0, block_size); > + memset(opad, 0, block_size); >=20 > if (auth_keylen > (unsigned int)block_size) { > QAT_LOG(ERR, "invalid keylen %u", auth_keylen); > - ret =3D -EFAULT; > - goto out; > + return -EFAULT; > } > - /* init ipad and opad from key and xor with fixed values */ > - memset(ipad, 0, block_size); > - memset(opad, 0, block_size); > + > RTE_VERIFY(auth_keylen <=3D sizeof(ipad)); > RTE_VERIFY(auth_keylen <=3D sizeof(opad)); > + > rte_memcpy(ipad, auth_key, auth_keylen); > rte_memcpy(opad, auth_key, auth_keylen); >=20 > @@ -1380,10 +1547,11 @@ static int > qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg, > } >=20 > /* do partial hash of ipad and copy to state1 */ > - if (partial_hash_compute_ipsec_mb(hash_alg, ipad, p_state_buf, m)) { > + if (partial_hash_compute(hash_alg, ipad, p_state_buf)) { > + memset(ipad, 0, block_size); > + memset(opad, 0, block_size); > QAT_LOG(ERR, "ipad precompute failed"); > - ret =3D -EFAULT; > - goto out; > + return -EFAULT; > } >=20 > /* > @@ -1391,105 +1559,70 @@ static int > qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg, > * Put the partial hash of opad state_len bytes after state1 > */ > *p_state_len =3D qat_hash_get_state1_size(hash_alg); > - if (partial_hash_compute_ipsec_mb(hash_alg, opad, > - p_state_buf + *p_state_len, m)) { > + if (partial_hash_compute(hash_alg, opad, p_state_buf + *p_state_len)) { > + memset(ipad, 0, block_size); > + memset(opad, 0, block_size); > QAT_LOG(ERR, "opad precompute failed"); > - ret =3D -EFAULT; > - goto out; > + return -EFAULT; > } >=20 > -out: > /* don't leave data lying around */ > memset(ipad, 0, block_size); > memset(opad, 0, block_size); > - free_mb_mgr(m); > - return ret; > -} > -#endif > -static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) > -{ > - SHA_CTX ctx; > - > - if (!SHA1_Init(&ctx)) > - return -EFAULT; > - SHA1_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); > - return 0; > -} > - > -static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) > -{ > - SHA256_CTX ctx; > - > - if (!SHA224_Init(&ctx)) > - return -EFAULT; > - SHA256_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); > - return 0; > -} > - > -static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) > -{ > - SHA256_CTX ctx; > - > - if (!SHA256_Init(&ctx)) > - return -EFAULT; > - SHA256_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA256_DIGEST_LENGTH); > +out: > return 0; > } >=20 > -static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) > -{ > - SHA512_CTX ctx; > - > - if (!SHA384_Init(&ctx)) > - return -EFAULT; > - SHA512_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); > - return 0; > -} > +#else >=20 > -static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) > +static int aes_ipsecmb_job(uint8_t *in, uint8_t *out, IMB_MGR *m, > + const uint8_t *key, uint16_t auth_keylen) > { > - SHA512_CTX ctx; > + int err; > + struct IMB_JOB *job; > + DECLARE_ALIGNED(uint32_t expkey[4*15], 16); > + DECLARE_ALIGNED(uint32_t dust[4*15], 16); >=20 > - if (!SHA512_Init(&ctx)) > + if (auth_keylen =3D=3D ICP_QAT_HW_AES_128_KEY_SZ) > + IMB_AES_KEYEXP_128(m, key, expkey, dust); > + else if (auth_keylen =3D=3D ICP_QAT_HW_AES_192_KEY_SZ) > + IMB_AES_KEYEXP_192(m, key, expkey, dust); > + else if (auth_keylen =3D=3D ICP_QAT_HW_AES_256_KEY_SZ) > + IMB_AES_KEYEXP_256(m, key, expkey, dust); > + else > return -EFAULT; > - SHA512_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, SHA512_DIGEST_LENGTH); > - return 0; > -} >=20 > -static int partial_hash_md5(uint8_t *data_in, uint8_t *data_out) > -{ > - MD5_CTX ctx; > - > - if (!MD5_Init(&ctx)) > - return -EFAULT; > - MD5_Transform(&ctx, data_in); > - rte_memcpy(data_out, &ctx, MD5_DIGEST_LENGTH); > + job =3D IMB_GET_NEXT_JOB(m); >=20 > - return 0; > -} > + job->src =3D in; > + job->dst =3D out; > + job->enc_keys =3D expkey; > + job->key_len_in_bytes =3D auth_keylen; > + job->msg_len_to_cipher_in_bytes =3D 16; > + job->iv_len_in_bytes =3D 0; > + job->cipher_direction =3D IMB_DIR_ENCRYPT; > + job->cipher_mode =3D IMB_CIPHER_ECB; > + job->hash_alg =3D IMB_AUTH_NULL; >=20 > -static void aes_cmac_key_derive(uint8_t *base, uint8_t *derived) > -{ > - int i; > + while (IMB_FLUSH_JOB(m) !=3D NULL) > + ; >=20 > - derived[0] =3D base[0] << 1; > - for (i =3D 1; i < ICP_QAT_HW_AES_BLK_SZ ; i++) { > - derived[i] =3D base[i] << 1; > - derived[i - 1] |=3D base[i] >> 7; > + job =3D IMB_SUBMIT_JOB(m); > + if (job) { > + if (job->status =3D=3D IMB_STATUS_COMPLETED) > + return 0; > } >=20 > - if (base[0] & 0x80) > - derived[ICP_QAT_HW_AES_BLK_SZ - 1] ^=3D > QAT_AES_CMAC_CONST_RB; > + err =3D imb_get_errno(m); > + if (err) > + QAT_LOG(ERR, "Error: %s!\n", imb_get_strerror(err)); > + > + return -EFAULT; > } >=20 > static int > -partial_hash_compute(enum icp_qat_hw_auth_algo hash_alg, > - uint8_t *data_in, uint8_t *data_out) > +partial_hash_compute_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg, > + uint8_t *data_in, uint8_t *data_out, IMB_MGR *m) > { > int digest_size; > uint8_t digest[qat_hash_get_digest_size( > @@ -1510,43 +1643,37 @@ partial_hash_compute(enum > icp_qat_hw_auth_algo hash_alg, >=20 > switch (hash_alg) { > case ICP_QAT_HW_AUTH_ALGO_SHA1: > - if (partial_hash_sha1(data_in, digest)) > - return -EFAULT; > + IMB_SHA1_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA224: > - if (partial_hash_sha224(data_in, digest)) > - return -EFAULT; > + IMB_SHA224_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA256: > - if (partial_hash_sha256(data_in, digest)) > - return -EFAULT; > + IMB_SHA256_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 2; i++, hash_state_out_be32++) > *hash_state_out_be32 =3D > rte_bswap32(*(((uint32_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA384: > - if (partial_hash_sha384(data_in, digest)) > - return -EFAULT; > + IMB_SHA384_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 3; i++, hash_state_out_be64++) > *hash_state_out_be64 =3D > rte_bswap64(*(((uint64_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_SHA512: > - if (partial_hash_sha512(data_in, digest)) > - return -EFAULT; > + IMB_SHA512_ONE_BLOCK(m, data_in, digest); > for (i =3D 0; i < digest_size >> 3; i++, hash_state_out_be64++) > *hash_state_out_be64 =3D > rte_bswap64(*(((uint64_t *)digest)+i)); > break; > case ICP_QAT_HW_AUTH_ALGO_MD5: > - if (partial_hash_md5(data_in, data_out)) > - return -EFAULT; > + IMB_MD5_ONE_BLOCK(m, data_in, data_out); > break; > default: > QAT_LOG(ERR, "invalid hash alg %u", hash_alg); > @@ -1556,148 +1683,108 @@ partial_hash_compute(enum > icp_qat_hw_auth_algo hash_alg, > return 0; > } >=20 > -static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg, > +static int qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo > hash_alg, > const uint8_t *auth_key, > uint16_t auth_keylen, > uint8_t *p_state_buf, > uint16_t *p_state_len, > uint8_t aes_cmac) > { > - int block_size; > + int block_size =3D 0; > uint8_t > ipad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; > uint8_t > opad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)]; > - int i; > + int i, ret =3D 0; > + uint8_t in[ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ]; > + > + IMB_MGR *m; > + m =3D alloc_mb_mgr(0); > + if (m =3D=3D NULL) > + return -ENOMEM; >=20 > + init_mb_mgr_auto(m, NULL); > + memset(in, 0, ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > if (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC) { >=20 > /* CMAC */ > if (aes_cmac) { > - AES_KEY enc_key; > - uint8_t *in =3D NULL; > - uint8_t k0[ICP_QAT_HW_AES_128_KEY_SZ]; > uint8_t *k1, *k2; > - > auth_keylen =3D ICP_QAT_HW_AES_128_KEY_SZ; > - > - in =3D rte_zmalloc("AES CMAC K1", > - ICP_QAT_HW_AES_128_KEY_SZ, 16); > - > - if (in =3D=3D NULL) { > - QAT_LOG(ERR, "Failed to alloc memory"); > - return -ENOMEM; > - } > - > - rte_memcpy(in, AES_CMAC_SEED, > - ICP_QAT_HW_AES_128_KEY_SZ); > rte_memcpy(p_state_buf, auth_key, auth_keylen); >=20 > - if (AES_set_encrypt_key(auth_key, auth_keylen << 3, > - &enc_key) !=3D 0) { > - rte_free(in); > - return -EFAULT; > - } > - > - AES_encrypt(in, k0, &enc_key); > - > + DECLARE_ALIGNED(uint32_t expkey[4*15], 16); > + DECLARE_ALIGNED(uint32_t dust[4*15], 16); > + IMB_AES_KEYEXP_128(m, p_state_buf, expkey, dust); > k1 =3D p_state_buf + > ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; > k2 =3D k1 + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ; >=20 > - aes_cmac_key_derive(k0, k1); > - aes_cmac_key_derive(k1, k2); > - > - memset(k0, 0, ICP_QAT_HW_AES_128_KEY_SZ); > + IMB_AES_CMAC_SUBKEY_GEN_128(m, expkey, k1, k2); > *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > - rte_free(in); > - return 0; > - } else { > - static uint8_t qat_aes_xcbc_key_seed[ > - > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] =3D { > - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > - }; > + goto out; > + } >=20 > - uint8_t *in =3D NULL; > - uint8_t *out =3D p_state_buf; > - int x; > - AES_KEY enc_key; > + static uint8_t qat_aes_xcbc_key_seed[ > + ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] =3D { > + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, > + 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > + 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, > + 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > + 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, > + }; >=20 > - in =3D rte_zmalloc("working mem for key", > - > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ, 16); > - if (in =3D=3D NULL) { > - QAT_LOG(ERR, "Failed to alloc memory"); > - return -ENOMEM; > + uint8_t *input =3D in; > + uint8_t *out =3D p_state_buf; > + rte_memcpy(input, qat_aes_xcbc_key_seed, > + ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > + for (i =3D 0; i < HASH_XCBC_PRECOMP_KEY_NUM; i++) { > + if (aes_ipsecmb_job(input, out, m, auth_key, > auth_keylen)) { > + memset(input - > + (i * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ), > + 0, > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > + ret =3D -EFAULT; > + goto out; > } >=20 > - rte_memcpy(in, qat_aes_xcbc_key_seed, > - > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > - for (x =3D 0; x < HASH_XCBC_PRECOMP_KEY_NUM; x++) { > - if (AES_set_encrypt_key(auth_key, > - auth_keylen << 3, > - &enc_key) !=3D 0) { > - rte_free(in - > - (x * > ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ)); > - memset(out - > - (x * > ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ), > - 0, > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ); > - return -EFAULT; > - } > - AES_encrypt(in, out, &enc_key); > - in +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > - out +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > - } > - *p_state_len =3D > ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > - rte_free(in - x*ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ); > - return 0; > + input +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > + out +=3D ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ; > } > + *p_state_len =3D ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ; > + goto out; >=20 > } else if ((hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_128) || > (hash_alg =3D=3D ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) { > - uint8_t *in =3D NULL; > uint8_t *out =3D p_state_buf; > - AES_KEY enc_key; >=20 > memset(p_state_buf, 0, ICP_QAT_HW_GALOIS_H_SZ + > ICP_QAT_HW_GALOIS_LEN_A_SZ + > ICP_QAT_HW_GALOIS_E_CTR0_SZ); > - in =3D rte_zmalloc("working mem for key", > - ICP_QAT_HW_GALOIS_H_SZ, 16); > - if (in =3D=3D NULL) { > - QAT_LOG(ERR, "Failed to alloc memory"); > - return -ENOMEM; > + if (aes_ipsecmb_job(in, out, m, auth_key, auth_keylen)) { > + ret =3D -EFAULT; > + goto out; > } >=20 > - memset(in, 0, ICP_QAT_HW_GALOIS_H_SZ); > - if (AES_set_encrypt_key(auth_key, auth_keylen << 3, > - &enc_key) !=3D 0) { > - return -EFAULT; > - } > - AES_encrypt(in, out, &enc_key); > *p_state_len =3D ICP_QAT_HW_GALOIS_H_SZ + > ICP_QAT_HW_GALOIS_LEN_A_SZ + > ICP_QAT_HW_GALOIS_E_CTR0_SZ; > - rte_free(in); > - return 0; > + goto out; > } >=20 > block_size =3D qat_hash_get_block_size(hash_alg); > - if (block_size < 0) > + if (block_size < 0) { > + free_mb_mgr(m); > return block_size; > - /* init ipad and opad from key and xor with fixed values */ > - memset(ipad, 0, block_size); > - memset(opad, 0, block_size); > + } >=20 > if (auth_keylen > (unsigned int)block_size) { > QAT_LOG(ERR, "invalid keylen %u", auth_keylen); > - return -EFAULT; > + ret =3D -EFAULT; > + goto out; > } > - > + /* init ipad and opad from key and xor with fixed values */ > + memset(ipad, 0, block_size); > + memset(opad, 0, block_size); > RTE_VERIFY(auth_keylen <=3D sizeof(ipad)); > RTE_VERIFY(auth_keylen <=3D sizeof(opad)); > - > rte_memcpy(ipad, auth_key, auth_keylen); > rte_memcpy(opad, auth_key, auth_keylen); >=20 > @@ -1709,11 +1796,10 @@ static int qat_sym_do_precomputes(enum > icp_qat_hw_auth_algo hash_alg, > } >=20 > /* do partial hash of ipad and copy to state1 */ > - if (partial_hash_compute(hash_alg, ipad, p_state_buf)) { > - memset(ipad, 0, block_size); > - memset(opad, 0, block_size); > + if (partial_hash_compute_ipsec_mb(hash_alg, ipad, p_state_buf, m)) { > QAT_LOG(ERR, "ipad precompute failed"); > - return -EFAULT; > + ret =3D -EFAULT; > + goto out; > } >=20 > /* > @@ -1721,18 +1807,21 @@ static int qat_sym_do_precomputes(enum > icp_qat_hw_auth_algo hash_alg, > * Put the partial hash of opad state_len bytes after state1 > */ > *p_state_len =3D qat_hash_get_state1_size(hash_alg); > - if (partial_hash_compute(hash_alg, opad, p_state_buf + *p_state_len)) { > - memset(ipad, 0, block_size); > - memset(opad, 0, block_size); > + if (partial_hash_compute_ipsec_mb(hash_alg, opad, > + p_state_buf + *p_state_len, m)) { > QAT_LOG(ERR, "opad precompute failed"); > - return -EFAULT; > + ret =3D -EFAULT; > + goto out; > } >=20 > +out: > /* don't leave data lying around */ > memset(ipad, 0, block_size); > memset(opad, 0, block_size); > - return 0; > + free_mb_mgr(m); > + return ret; > } > +#endif >=20 > static void > qat_sym_session_init_common_hdr(struct qat_sym_session *session) > @@ -2124,20 +2213,16 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-1 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA1, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > + > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA1, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } >=20 > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > @@ -2155,21 +2240,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-224 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA224, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA224, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > return -EFAULT; > @@ -2186,21 +2265,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-256 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA256, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA256, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > return -EFAULT; > @@ -2217,21 +2290,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-384 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA384, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA384, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > return -EFAULT; > @@ -2248,21 +2315,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > break; > } > /* SHA-512 HMAC */ > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA512, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_SHA512, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(SHA)precompute failed"); > return -EFAULT; > @@ -2298,22 +2359,16 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, >=20 > if (cdesc->aes_cmac) > memset(cdesc->cd_cur_ptr, 0, state1_size); > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D qat_sym_do_precomputes_ipsec_mb( > - ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC, > - authkey, authkeylen, cdesc->cd_cur_ptr + > state1_size, > - &state2_size, cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC, > + authkey, authkeylen, cdesc->cd_cur_ptr + state1_size, > + &state2_size, cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D qat_sym_do_precomputes_ipsec_mb( > + ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC, > + authkey, authkeylen, cdesc->cd_cur_ptr + state1_size, > + &state2_size, cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC, > - authkey, authkeylen, cdesc->cd_cur_ptr + > state1_size, > - &state2_size, cdesc->aes_cmac); > - } > - > if (ret) { > cdesc->aes_cmac ? QAT_LOG(ERR, > "(CMAC)precompute failed") > @@ -2326,21 +2381,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, > case ICP_QAT_HW_AUTH_ALGO_GALOIS_64: > cdesc->qat_proto_flag =3D QAT_CRYPTO_PROTO_FLAG_GCM; > state1_size =3D ICP_QAT_HW_GALOIS_128_STATE1_SZ; > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D qat_sym_do_precomputes_ipsec_mb(cdesc- > >qat_hash_alg, authkey, > - authkeylen, cdesc->cd_cur_ptr + state1_size, > - &state2_size, cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D qat_sym_do_precomputes(cdesc->qat_hash_alg, authkey, > + authkeylen, cdesc->cd_cur_ptr + state1_size, > + &state2_size, cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing ?"); > - return -EFAULT; > + ret =3D qat_sym_do_precomputes_ipsec_mb(cdesc- > >qat_hash_alg, authkey, > + authkeylen, cdesc->cd_cur_ptr + state1_size, > + &state2_size, cdesc->aes_cmac); > #endif > - } else { > - ret =3D qat_sym_do_precomputes(cdesc->qat_hash_alg, > authkey, > - authkeylen, cdesc->cd_cur_ptr + state1_size, > - &state2_size, cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(GCM)precompute failed"); > return -EFAULT; > @@ -2397,21 +2446,15 @@ int qat_sym_cd_auth_set(struct qat_sym_session > *cdesc, >=20 > break; > case ICP_QAT_HW_AUTH_ALGO_MD5: > - if (qat_ipsec_mb_lib) { > -#ifdef RTE_QAT_LIBIPSECMB > - ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_MD5, > - authkey, authkeylen, cdesc->cd_cur_ptr, > &state1_size, > - cdesc->aes_cmac); > +#ifdef RTE_QAT_OPENSSL > + ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_MD5, authkey, > + authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #else > - QAT_LOG(ERR, "Intel IPSEC-MB LIB missing"); > - return -EFAULT; > + ret =3D > qat_sym_do_precomputes_ipsec_mb(ICP_QAT_HW_AUTH_ALGO_MD5, > + authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, > + cdesc->aes_cmac); > #endif > - } else { > - ret =3D > qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_MD5, authkey, > - authkeylen, cdesc->cd_cur_ptr, &state1_size, > - cdesc->aes_cmac); > - } > - > if (ret) { > QAT_LOG(ERR, "(MD5)precompute failed"); > return -EFAULT; > @@ -2708,9 +2751,11 @@ qat_security_session_create(void *dev, > return -EINVAL; > } >=20 > +#ifdef RTE_QAT_OPENSSL > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > if (ossl_legacy_provider_load()) > return -EINVAL; > +#endif > #endif > ret =3D qat_sec_session_set_docsis_parameters(cdev, conf, > sess_private_data, > SECURITY_GET_SESS_PRIV_IOVA(sess)); > @@ -2719,8 +2764,10 @@ qat_security_session_create(void *dev, > return ret; > } >=20 > +#ifdef RTE_QAT_OPENSSL > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > ossl_legacy_provider_unload(); > +#endif > #endif > return 0; > } > @@ -2733,8 +2780,13 @@ qat_security_session_destroy(void *dev > __rte_unused, > struct qat_sym_session *s =3D (struct qat_sym_session *)sess_priv; >=20 > if (sess_priv) { > +#ifdef RTE_QAT_OPENSSL > if (s->bpi_ctx) > bpi_cipher_ctx_free(s->bpi_ctx); > +#else > + if (s->mb_mgr) > + free_mb_mgr(s->mb_mgr); > +#endif > memset(s, 0, qat_sym_session_get_private_size(dev)); > } >=20 > diff --git a/drivers/crypto/qat/qat_sym_session.h > b/drivers/crypto/qat/qat_sym_session.h > index 6322d7e3bc..c0b6fc14ea 100644 > --- a/drivers/crypto/qat/qat_sym_session.h > +++ b/drivers/crypto/qat/qat_sym_session.h > @@ -15,6 +15,14 @@ > #include "icp_qat_fw.h" > #include "icp_qat_fw_la.h" >=20 > +#ifndef RTE_QAT_OPENSSL > +#if defined(RTE_ARCH_ARM) > +#include > +#else > +#include > +#endif > +#endif > + > /* > * Key Modifier (KM) value used in KASUMI algorithm in F9 mode to XOR > * Integrity Key (IK) > @@ -118,6 +126,12 @@ struct qat_sym_session { > uint32_t slice_types; > enum qat_sym_proto_flag qat_proto_flag; > qat_sym_build_request_t build_request[2]; > +#ifndef RTE_QAT_OPENSSL > + IMB_MGR *mb_mgr; > +#endif > + uint64_t expkey[4*15]; > + uint32_t dust[4*15]; > + uint8_t docsis_key_len; > }; >=20 > int > -- > 2.25.1