Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 43700,
    "url": "http://patchwork.dpdk.org/api/patches/43700/?format=api",
    "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20180814003848.11095-2-pablo.de.lara.guarch@intel.com/",
    "project": {
        "id": 1,
        "url": "http://patchwork.dpdk.org/api/projects/1/?format=api",
        "name": "DPDK",
        "link_name": "dpdk",
        "list_id": "dev.dpdk.org",
        "list_email": "dev@dpdk.org",
        "web_url": "http://core.dpdk.org",
        "scm_url": "git://dpdk.org/dpdk",
        "webscm_url": "http://git.dpdk.org/dpdk",
        "list_archive_url": "https://inbox.dpdk.org/dev",
        "list_archive_url_format": "https://inbox.dpdk.org/dev/{}",
        "commit_url_format": ""
    },
    "msgid": "<20180814003848.11095-2-pablo.de.lara.guarch@intel.com>",
    "list_archive_url": "https://inbox.dpdk.org/dev/20180814003848.11095-2-pablo.de.lara.guarch@intel.com",
    "date": "2018-08-14T00:38:44",
    "name": "[1/5] crypto/aesni_mb: support all truncated HMAC digest sizes",
    "commit_ref": null,
    "pull_url": null,
    "state": "accepted",
    "archived": true,
    "hash": "a9266108bb545f27a82b74d57153d96f4d92ec30",
    "submitter": {
        "id": 9,
        "url": "http://patchwork.dpdk.org/api/people/9/?format=api",
        "name": "De Lara Guarch, Pablo",
        "email": "pablo.de.lara.guarch@intel.com"
    },
    "delegate": {
        "id": 6690,
        "url": "http://patchwork.dpdk.org/api/users/6690/?format=api",
        "username": "akhil",
        "first_name": "akhil",
        "last_name": "goyal",
        "email": "gakhil@marvell.com"
    },
    "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20180814003848.11095-2-pablo.de.lara.guarch@intel.com/mbox/",
    "series": [
        {
            "id": 976,
            "url": "http://patchwork.dpdk.org/api/series/976/?format=api",
            "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=976",
            "date": "2018-08-14T00:38:43",
            "name": "AESNI MB PMD changes",
            "version": 1,
            "mbox": "http://patchwork.dpdk.org/series/976/mbox/"
        }
    ],
    "comments": "http://patchwork.dpdk.org/api/patches/43700/comments/",
    "check": "warning",
    "checks": "http://patchwork.dpdk.org/api/patches/43700/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<dev-bounces@dpdk.org>",
        "X-Original-To": "patchwork@dpdk.org",
        "Delivered-To": "patchwork@dpdk.org",
        "Received": [
            "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 31B5E4C6F;\n\tTue, 14 Aug 2018 10:45:20 +0200 (CEST)",
            "from mga07.intel.com (mga07.intel.com [134.134.136.100])\n\tby dpdk.org (Postfix) with ESMTP id 3CF061E2F\n\tfor <dev@dpdk.org>; Tue, 14 Aug 2018 10:45:17 +0200 (CEST)",
            "from orsmga004.jf.intel.com ([10.7.209.38])\n\tby orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t14 Aug 2018 01:45:15 -0700",
            "from silpixa00399466.ir.intel.com (HELO\n\tsilpixa00399466.ger.corp.intel.com) ([10.237.223.220])\n\tby orsmga004.jf.intel.com with ESMTP; 14 Aug 2018 01:45:14 -0700"
        ],
        "X-Amp-Result": "SKIPPED(no attachment in message)",
        "X-Amp-File-Uploaded": "False",
        "X-ExtLoop1": "1",
        "X-IronPort-AV": "E=Sophos;i=\"5.53,237,1531810800\"; d=\"scan'208\";a=\"224482019\"",
        "From": "Pablo de Lara <pablo.de.lara.guarch@intel.com>",
        "To": "declan.doherty@intel.com",
        "Cc": "dev@dpdk.org,\n\tPablo de Lara <pablo.de.lara.guarch@intel.com>",
        "Date": "Tue, 14 Aug 2018 01:38:44 +0100",
        "Message-Id": "<20180814003848.11095-2-pablo.de.lara.guarch@intel.com>",
        "X-Mailer": "git-send-email 2.17.1",
        "In-Reply-To": "<20180814003848.11095-1-pablo.de.lara.guarch@intel.com>",
        "References": "<20180814003848.11095-1-pablo.de.lara.guarch@intel.com>",
        "Subject": "[dpdk-dev] [PATCH 1/5] crypto/aesni_mb: support all truncated HMAC\n\tdigest sizes",
        "X-BeenThere": "dev@dpdk.org",
        "X-Mailman-Version": "2.1.15",
        "Precedence": "list",
        "List-Id": "DPDK patches and discussions <dev.dpdk.org>",
        "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>",
        "List-Archive": "<http://mails.dpdk.org/archives/dev/>",
        "List-Post": "<mailto:dev@dpdk.org>",
        "List-Help": "<mailto:dev-request@dpdk.org?subject=help>",
        "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>",
        "Errors-To": "dev-bounces@dpdk.org",
        "Sender": "\"dev\" <dev-bounces@dpdk.org>"
    },
    "content": "HMAC algorithms (MD5 and SHAx) have different full digest sizes.\nHowever, they are often truncated to a smaller size (such as in IPSec).\nThis commit allows a user to generate a digest of any size\nup to the full size.\n\nSigned-off-by: Pablo de Lara Guarch <pablo.de.lara.guarch@intel.com>\n---\n drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c    | 83 ++++++++++++++-----\n .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    | 36 ++++++++\n .../aesni_mb/rte_aesni_mb_pmd_private.h       | 13 +--\n 3 files changed, 105 insertions(+), 27 deletions(-)",
    "diff": "diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\nindex 93dc7a443..6fbfab8b8 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n@@ -112,12 +112,17 @@ aesni_mb_set_session_auth_parameters(const struct aesni_mb_op_fns *mb_ops,\n \t\treturn -1;\n \t}\n \n+\t/* Set the request digest size */\n+\tsess->auth.req_digest_len = xform->auth.digest_length;\n+\n \t/* Select auth generate/verify */\n \tsess->auth.operation = xform->auth.op;\n \n \t/* Set Authentication Parameters */\n \tif (xform->auth.algo == RTE_CRYPTO_AUTH_AES_XCBC_MAC) {\n \t\tsess->auth.algo = AES_XCBC;\n+\n+\t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n \t\t(*mb_ops->aux.keyexp.aes_xcbc)(xform->auth.key.data,\n \t\t\t\tsess->auth.xcbc.k1_expanded,\n \t\t\t\tsess->auth.xcbc.k2, sess->auth.xcbc.k3);\n@@ -126,6 +131,8 @@ aesni_mb_set_session_auth_parameters(const struct aesni_mb_op_fns *mb_ops,\n \n \tif (xform->auth.algo == RTE_CRYPTO_AUTH_AES_CMAC) {\n \t\tsess->auth.algo = AES_CMAC;\n+\n+\t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n \t\t(*mb_ops->aux.keyexp.aes_cmac_expkey)(xform->auth.key.data,\n \t\t\t\tsess->auth.cmac.expkey);\n \n@@ -134,7 +141,6 @@ aesni_mb_set_session_auth_parameters(const struct aesni_mb_op_fns *mb_ops,\n \t\treturn 0;\n \t}\n \n-\n \tswitch (xform->auth.algo) {\n \tcase RTE_CRYPTO_AUTH_MD5_HMAC:\n \t\tsess->auth.algo = MD5;\n@@ -164,6 +170,26 @@ aesni_mb_set_session_auth_parameters(const struct aesni_mb_op_fns *mb_ops,\n \t\tAESNI_MB_LOG(ERR, \"Unsupported authentication algorithm selection\");\n \t\treturn -ENOTSUP;\n \t}\n+\tuint16_t trunc_digest_size =\n+\t\t\tget_truncated_digest_byte_length(sess->auth.algo);\n+\tuint16_t full_digest_size =\n+\t\t\tget_digest_byte_length(sess->auth.algo);\n+\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\tif (sess->auth.req_digest_len > full_digest_size ||\n+\t\t\tsess->auth.req_digest_len == 0) {\n+#else\n+\tif (sess->auth.req_digest_len != trunc_digest_size) {\n+#endif\n+\t\tAESNI_MB_LOG(ERR, \"Invalid digest size\\n\");\n+\t\treturn -EINVAL;\n+\t}\n+\n+\tif (sess->auth.req_digest_len != trunc_digest_size &&\n+\t\t\tsess->auth.req_digest_len != full_digest_size)\n+\t\tsess->auth.gen_digest_len = full_digest_size;\n+\telse\n+\t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n \n \t/* Calculate Authentication precomputes */\n \tcalculate_auth_precomputes(hash_oneblock_fn,\n@@ -360,6 +386,9 @@ aesni_mb_set_session_aead_parameters(const struct aesni_mb_op_fns *mb_ops,\n \tsess->iv.offset = xform->aead.iv.offset;\n \tsess->iv.length = xform->aead.iv.length;\n \n+\tsess->auth.req_digest_len = xform->aead.digest_length;\n+\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n+\n \t/* Check key length and choose key expansion function for AES */\n \n \tswitch (xform->aead.key.length) {\n@@ -397,19 +426,16 @@ aesni_mb_set_session_parameters(const struct aesni_mb_op_fns *mb_ops,\n \t\tsess->chain_order = HASH_CIPHER;\n \t\tauth_xform = xform;\n \t\tcipher_xform = xform->next;\n-\t\tsess->auth.digest_len = xform->auth.digest_length;\n \t\tbreak;\n \tcase AESNI_MB_OP_CIPHER_HASH:\n \t\tsess->chain_order = CIPHER_HASH;\n \t\tauth_xform = xform->next;\n \t\tcipher_xform = xform;\n-\t\tsess->auth.digest_len = xform->auth.digest_length;\n \t\tbreak;\n \tcase AESNI_MB_OP_HASH_ONLY:\n \t\tsess->chain_order = HASH_CIPHER;\n \t\tauth_xform = xform;\n \t\tcipher_xform = NULL;\n-\t\tsess->auth.digest_len = xform->auth.digest_length;\n \t\tbreak;\n \tcase AESNI_MB_OP_CIPHER_ONLY:\n \t\t/*\n@@ -428,13 +454,11 @@ aesni_mb_set_session_parameters(const struct aesni_mb_op_fns *mb_ops,\n \tcase AESNI_MB_OP_AEAD_CIPHER_HASH:\n \t\tsess->chain_order = CIPHER_HASH;\n \t\tsess->aead.aad_len = xform->aead.aad_length;\n-\t\tsess->auth.digest_len = xform->aead.digest_length;\n \t\taead_xform = xform;\n \t\tbreak;\n \tcase AESNI_MB_OP_AEAD_HASH_CIPHER:\n \t\tsess->chain_order = HASH_CIPHER;\n \t\tsess->aead.aad_len = xform->aead.aad_length;\n-\t\tsess->auth.digest_len = xform->aead.digest_length;\n \t\taead_xform = xform;\n \t\tbreak;\n \tcase AESNI_MB_OP_NOT_SUPPORTED:\n@@ -641,21 +665,17 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n \t\t\tjob->auth_tag_output = op->sym->aead.digest.data;\n \t\telse\n \t\t\tjob->auth_tag_output = op->sym->auth.digest.data;\n-\t}\n \n-\t/*\n-\t * Multi-buffer library current only support returning a truncated\n-\t * digest length as specified in the relevant IPsec RFCs\n-\t */\n-\tif (job->hash_alg != AES_CCM && job->hash_alg != AES_CMAC)\n-\t\tjob->auth_tag_output_len_in_bytes =\n-\t\t\t\tget_truncated_digest_byte_length(job->hash_alg);\n-\telse\n-\t\tjob->auth_tag_output_len_in_bytes = session->auth.digest_len;\n+\t\tif (session->auth.req_digest_len != session->auth.gen_digest_len) {\n+\t\t\tjob->auth_tag_output = qp->temp_digests[*digest_idx];\n+\t\t\t*digest_idx = (*digest_idx + 1) % MAX_JOBS;\n+\t\t}\n+\t}\n \n+\t/* Set digest length */\n+\tjob->auth_tag_output_len_in_bytes = session->auth.gen_digest_len;\n \n \t/* Set IV parameters */\n-\n \tjob->iv_len_in_bytes = session->iv.length;\n \n \t/* Data  Parameter */\n@@ -690,20 +710,37 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,\n }\n \n static inline void\n-verify_digest(struct aesni_mb_qp *qp __rte_unused, JOB_AES_HMAC *job,\n-\t\tstruct rte_crypto_op *op) {\n+verify_digest(JOB_AES_HMAC *job, struct rte_crypto_op *op,\n+\t\tstruct aesni_mb_session *sess)\n+{\n \t/* Verify digest if required */\n \tif (job->hash_alg == AES_CCM) {\n \t\tif (memcmp(job->auth_tag_output, op->sym->aead.digest.data,\n-\t\t\t\tjob->auth_tag_output_len_in_bytes) != 0)\n+\t\t\t\tsess->auth.req_digest_len) != 0)\n \t\t\top->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;\n \t} else {\n \t\tif (memcmp(job->auth_tag_output, op->sym->auth.digest.data,\n-\t\t\t\tjob->auth_tag_output_len_in_bytes) != 0)\n+\t\t\t\tsess->auth.req_digest_len) != 0)\n \t\t\top->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;\n \t}\n }\n \n+static inline void\n+generate_digest(JOB_AES_HMAC *job, struct rte_crypto_op *op,\n+\t\tstruct aesni_mb_session *sess)\n+{\n+\t/* No extra copy neeed */\n+\tif (likely(sess->auth.req_digest_len == sess->auth.gen_digest_len))\n+\t\treturn;\n+\n+\t/*\n+\t * This can only happen for HMAC, so only digest\n+\t * for authentication algos is required\n+\t */\n+\tmemcpy(op->sym->auth.digest.data, job->auth_tag_output,\n+\t\t\tsess->auth.req_digest_len);\n+}\n+\n /**\n  * Process a completed job and return rte_mbuf which job processed\n  *\n@@ -730,7 +767,9 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)\n \t\t\tif (job->hash_alg != NULL_HASH) {\n \t\t\t\tif (sess->auth.operation ==\n \t\t\t\t\t\tRTE_CRYPTO_AUTH_OP_VERIFY)\n-\t\t\t\t\tverify_digest(qp, job, op);\n+\t\t\t\t\tverify_digest(job, op, sess);\n+\t\t\t\telse\n+\t\t\t\t\tgenerate_digest(job, op, sess);\n \t\t\t}\n \t\t\tbreak;\n \t\tdefault:\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\nindex ab26e5ae4..e8397803e 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n@@ -25,9 +25,15 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 16,\n+\t\t\t\t\t.increment = 1\n+#else\n \t\t\t\t\t.min = 12,\n \t\t\t\t\t.max = 12,\n \t\t\t\t\t.increment = 0\n+#endif\n \t\t\t\t},\n \t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n@@ -46,9 +52,15 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 20,\n+\t\t\t\t\t.increment = 1\n+#else\n \t\t\t\t\t.min = 12,\n \t\t\t\t\t.max = 12,\n \t\t\t\t\t.increment = 0\n+#endif\n \t\t\t\t},\n \t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n@@ -67,9 +79,15 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 28,\n+\t\t\t\t\t.increment = 1\n+#else\n \t\t\t\t\t.min = 14,\n \t\t\t\t\t.max = 14,\n \t\t\t\t\t.increment = 0\n+#endif\n \t\t\t\t},\n \t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n@@ -88,9 +106,15 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 32,\n+\t\t\t\t\t.increment = 1\n+#else\n \t\t\t\t\t.min = 16,\n \t\t\t\t\t.max = 16,\n \t\t\t\t\t.increment = 0\n+#endif\n \t\t\t\t},\n \t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n@@ -109,9 +133,15 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 48,\n+\t\t\t\t\t.increment = 1\n+#else\n \t\t\t\t\t.min = 24,\n \t\t\t\t\t.max = 24,\n \t\t\t\t\t.increment = 0\n+#endif\n \t\t\t\t},\n \t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\n@@ -130,9 +160,15 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.min = 1,\n+\t\t\t\t\t.max = 64,\n+\t\t\t\t\t.increment = 1\n+#else\n \t\t\t\t\t.min = 32,\n \t\t\t\t\t.max = 32,\n \t\t\t\t\t.increment = 0\n+#endif\n \t\t\t\t},\n \t\t\t\t.iv_size = { 0 }\n \t\t\t}, }\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\nindex 70e9d18e5..cc5822a82 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\n@@ -31,8 +31,8 @@ int aesni_mb_logtype_driver;\n #define HMAC_IPAD_VALUE\t\t\t(0x36)\n #define HMAC_OPAD_VALUE\t\t\t(0x5C)\n \n-/* Maximum length for digest (SHA-512 truncated needs 32 bytes) */\n-#define DIGEST_LENGTH_MAX 32\n+/* Maximum length for digest */\n+#define DIGEST_LENGTH_MAX 64\n static const unsigned auth_blocksize[] = {\n \t\t[MD5]\t\t= 64,\n \t\t[SHA1]\t\t= 64,\n@@ -95,7 +95,8 @@ static const unsigned auth_digest_byte_lengths[] = {\n };\n \n /**\n- * Get the output digest size in bytes for a specified authentication algorithm\n+ * Get the full digest size in bytes for a specified authentication algorithm\n+ * (if available in the Multi-buffer library)\n  *\n  * @Note: this function will not return a valid value for a non-valid\n  * authentication algorithm\n@@ -226,8 +227,10 @@ struct aesni_mb_session {\n \t\t\t} cmac;\n \t\t\t/**< Expanded XCBC authentication keys */\n \t\t};\n-\t/** digest size */\n-\tuint16_t digest_len;\n+\t/** Generated digest size by the Multi-buffer library */\n+\tuint16_t gen_digest_len;\n+\t/** Requested digest size from Cryptodev */\n+\tuint16_t req_digest_len;\n \n \t} auth;\n \tstruct {\n",
    "prefixes": [
        "1/5"
    ]
}