Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/43704/?format=api
{ "id": 43704, "url": "http://patchwork.dpdk.org/api/patches/43704/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20180814003848.11095-6-pablo.de.lara.guarch@intel.com/", "project": { "id": 1, "url": "http://patchwork.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20180814003848.11095-6-pablo.de.lara.guarch@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20180814003848.11095-6-pablo.de.lara.guarch@intel.com", "date": "2018-08-14T00:38:48", "name": "[5/5] crypto/aesni_mb: support large HMAC key sizes", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": true, "hash": "61c1d614932a1c450fc04182604b2aaf2ede2c68", "submitter": { "id": 9, "url": "http://patchwork.dpdk.org/api/people/9/?format=api", "name": "De Lara Guarch, Pablo", "email": "pablo.de.lara.guarch@intel.com" }, "delegate": { "id": 6690, "url": "http://patchwork.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20180814003848.11095-6-pablo.de.lara.guarch@intel.com/mbox/", "series": [ { "id": 976, "url": "http://patchwork.dpdk.org/api/series/976/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=976", "date": "2018-08-14T00:38:43", "name": "AESNI MB PMD changes", "version": 1, "mbox": "http://patchwork.dpdk.org/series/976/mbox/" } ], "comments": "http://patchwork.dpdk.org/api/patches/43704/comments/", "check": "warning", "checks": "http://patchwork.dpdk.org/api/patches/43704/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@dpdk.org", "Delivered-To": "patchwork@dpdk.org", "Received": [ "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 77EF44D3A;\n\tTue, 14 Aug 2018 10:45:26 +0200 (CEST)", "from mga07.intel.com (mga07.intel.com [134.134.136.100])\n\tby dpdk.org (Postfix) with ESMTP id 1DBA64C74\n\tfor <dev@dpdk.org>; Tue, 14 Aug 2018 10:45:20 +0200 (CEST)", "from orsmga004.jf.intel.com ([10.7.209.38])\n\tby orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t14 Aug 2018 01:45:20 -0700", "from silpixa00399466.ir.intel.com (HELO\n\tsilpixa00399466.ger.corp.intel.com) ([10.237.223.220])\n\tby orsmga004.jf.intel.com with ESMTP; 14 Aug 2018 01:45:19 -0700" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.53,237,1531810800\"; d=\"scan'208\";a=\"224482064\"", "From": "Pablo de Lara <pablo.de.lara.guarch@intel.com>", "To": "declan.doherty@intel.com", "Cc": "dev@dpdk.org,\n\tPablo de Lara <pablo.de.lara.guarch@intel.com>", "Date": "Tue, 14 Aug 2018 01:38:48 +0100", "Message-Id": "<20180814003848.11095-6-pablo.de.lara.guarch@intel.com>", "X-Mailer": "git-send-email 2.17.1", "In-Reply-To": "<20180814003848.11095-1-pablo.de.lara.guarch@intel.com>", "References": "<20180814003848.11095-1-pablo.de.lara.guarch@intel.com>", "Subject": "[dpdk-dev] [PATCH 5/5] crypto/aesni_mb: support large HMAC key sizes", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "Add support for SHAx-HMAC key sizes larger than the block size.\nFor these sizes, the input key is digested with the non-HMAC\nversion of the algorithm and used as the key.\n\nSigned-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>\n---\n drivers/crypto/aesni_mb/aesni_mb_ops.h | 61 +++++++++++++++++++\n drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 59 +++++++++++++++++-\n .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 20 ++++++\n .../aesni_mb/rte_aesni_mb_pmd_private.h | 9 ---\n 4 files changed, 138 insertions(+), 11 deletions(-)", "diff": "diff --git a/drivers/crypto/aesni_mb/aesni_mb_ops.h b/drivers/crypto/aesni_mb/aesni_mb_ops.h\nindex 5a1cba6cb..d224b7249 100644\n--- a/drivers/crypto/aesni_mb/aesni_mb_ops.h\n+++ b/drivers/crypto/aesni_mb/aesni_mb_ops.h\n@@ -11,6 +11,15 @@\n \n #include <intel-ipsec-mb.h>\n \n+/*\n+ * IMB_VERSION_NUM macro was introduced in version Multi-buffer 0.50,\n+ * so if macro is not defined, it means that the version is 0.49.\n+ */\n+#if !defined(IMB_VERSION_NUM)\n+#define IMB_VERSION(a, b, c) (((a) << 16) + ((b) << 8) + (c))\n+#define IMB_VERSION_NUM IMB_VERSION(0, 49, 0)\n+#endif\n+\n enum aesni_mb_vector_mode {\n \tRTE_AESNI_MB_NOT_SUPPORTED = 0,\n \tRTE_AESNI_MB_SSE,\n@@ -88,6 +97,16 @@ struct aesni_mb_op_fns {\n \t\t\t/**< AES CMAC key expansions */\n \t\t} keyexp;\n \t\t/**< Key expansion functions */\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\tstruct {\n+\t\t\thash_fn_t sha1;\n+\t\t\thash_fn_t sha224;\n+\t\t\thash_fn_t sha256;\n+\t\t\thash_fn_t sha384;\n+\t\t\thash_fn_t sha512;\n+\t\t} multi_block;\n+\t\t/** multi block hash functions */\n+#endif\n \t} aux;\n \t/**< Auxiliary functions */\n };\n@@ -104,7 +123,13 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t},\n \t\t\t\t.keyexp = {\n \t\t\t\t\tNULL\n+\t\t\t\t},\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t.multi_block = {\n+\t\t\t\t\tNULL\n \t\t\t\t}\n+#endif\n+\n \t\t\t}\n \t\t},\n \t\t[RTE_AESNI_MB_SSE] = {\n@@ -131,7 +156,16 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t\taes_xcbc_expand_key_sse,\n \t\t\t\t\taes_cmac_subkey_gen_sse,\n \t\t\t\t\taes_keyexp_128_enc_sse\n+\t\t\t\t},\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t.multi_block = {\n+\t\t\t\t\tsha1_sse,\n+\t\t\t\t\tsha224_sse,\n+\t\t\t\t\tsha256_sse,\n+\t\t\t\t\tsha384_sse,\n+\t\t\t\t\tsha512_sse\n \t\t\t\t}\n+#endif\n \t\t\t}\n \t\t},\n \t\t[RTE_AESNI_MB_AVX] = {\n@@ -158,7 +192,16 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t\taes_xcbc_expand_key_avx,\n \t\t\t\t\taes_cmac_subkey_gen_avx,\n \t\t\t\t\taes_keyexp_128_enc_avx\n+\t\t\t\t},\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t.multi_block = {\n+\t\t\t\t\tsha1_avx,\n+\t\t\t\t\tsha224_avx,\n+\t\t\t\t\tsha256_avx,\n+\t\t\t\t\tsha384_avx,\n+\t\t\t\t\tsha512_avx\n \t\t\t\t}\n+#endif\n \t\t\t}\n \t\t},\n \t\t[RTE_AESNI_MB_AVX2] = {\n@@ -185,7 +228,16 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t\taes_xcbc_expand_key_avx2,\n \t\t\t\t\taes_cmac_subkey_gen_avx2,\n \t\t\t\t\taes_keyexp_128_enc_avx2\n+\t\t\t\t},\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t.multi_block = {\n+\t\t\t\t\tsha1_avx2,\n+\t\t\t\t\tsha224_avx2,\n+\t\t\t\t\tsha256_avx2,\n+\t\t\t\t\tsha384_avx2,\n+\t\t\t\t\tsha512_avx2\n \t\t\t\t}\n+#endif\n \t\t\t}\n \t\t},\n \t\t[RTE_AESNI_MB_AVX512] = {\n@@ -212,7 +264,16 @@ static const struct aesni_mb_op_fns job_ops[] = {\n \t\t\t\t\taes_xcbc_expand_key_avx512,\n \t\t\t\t\taes_cmac_subkey_gen_avx512,\n \t\t\t\t\taes_keyexp_128_enc_avx512\n+\t\t\t\t},\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t.multi_block = {\n+\t\t\t\t\tsha1_avx512,\n+\t\t\t\t\tsha224_avx512,\n+\t\t\t\t\tsha256_avx512,\n+\t\t\t\t\tsha384_avx512,\n+\t\t\t\t\tsha512_avx512\n \t\t\t\t}\n+#endif\n \t\t\t}\n \t\t}\n };\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\nindex 007c3fb2b..b5a3692e6 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c\n@@ -16,7 +16,7 @@\n \n #define AES_CCM_DIGEST_MIN_LEN 4\n #define AES_CCM_DIGEST_MAX_LEN 16\n-\n+#define HMAC_MAX_BLOCK_SIZE 128\n static uint8_t cryptodev_driver_id;\n \n typedef void (*hash_one_block_t)(const void *data, void *digest);\n@@ -104,6 +104,8 @@ aesni_mb_set_session_auth_parameters(const struct aesni_mb_op_fns *mb_ops,\n \t\tconst struct rte_crypto_sym_xform *xform)\n {\n \thash_one_block_t hash_oneblock_fn;\n+\tunsigned int key_larger_block_size = 0;\n+\tuint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };\n \n \tif (xform == NULL) {\n \t\tsess->auth.algo = NULL_HASH;\n@@ -182,22 +184,67 @@ aesni_mb_set_session_auth_parameters(const struct aesni_mb_op_fns *mb_ops,\n \tcase RTE_CRYPTO_AUTH_SHA1_HMAC:\n \t\tsess->auth.algo = SHA1;\n \t\thash_oneblock_fn = mb_ops->aux.one_block.sha1;\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\tif (xform->auth.key.length > get_auth_algo_blocksize(SHA1)) {\n+\t\t\tmb_ops->aux.multi_block.sha1(\n+\t\t\t\txform->auth.key.data,\n+\t\t\t\txform->auth.key.length,\n+\t\t\t\thashed_key);\n+\t\t\tkey_larger_block_size = 1;\n+\t\t}\n+#endif\n \t\tbreak;\n \tcase RTE_CRYPTO_AUTH_SHA224_HMAC:\n \t\tsess->auth.algo = SHA_224;\n \t\thash_oneblock_fn = mb_ops->aux.one_block.sha224;\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\tif (xform->auth.key.length > get_auth_algo_blocksize(SHA_224)) {\n+\t\t\tmb_ops->aux.multi_block.sha224(\n+\t\t\t\txform->auth.key.data,\n+\t\t\t\txform->auth.key.length,\n+\t\t\t\thashed_key);\n+\t\t\tkey_larger_block_size = 1;\n+\t\t}\n+#endif\n \t\tbreak;\n \tcase RTE_CRYPTO_AUTH_SHA256_HMAC:\n \t\tsess->auth.algo = SHA_256;\n \t\thash_oneblock_fn = mb_ops->aux.one_block.sha256;\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\tif (xform->auth.key.length > get_auth_algo_blocksize(SHA_256)) {\n+\t\t\tmb_ops->aux.multi_block.sha256(\n+\t\t\t\txform->auth.key.data,\n+\t\t\t\txform->auth.key.length,\n+\t\t\t\thashed_key);\n+\t\t\tkey_larger_block_size = 1;\n+\t\t}\n+#endif\n \t\tbreak;\n \tcase RTE_CRYPTO_AUTH_SHA384_HMAC:\n \t\tsess->auth.algo = SHA_384;\n \t\thash_oneblock_fn = mb_ops->aux.one_block.sha384;\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\tif (xform->auth.key.length > get_auth_algo_blocksize(SHA_384)) {\n+\t\t\tmb_ops->aux.multi_block.sha384(\n+\t\t\t\txform->auth.key.data,\n+\t\t\t\txform->auth.key.length,\n+\t\t\t\thashed_key);\n+\t\t\tkey_larger_block_size = 1;\n+\t\t}\n+#endif\n \t\tbreak;\n \tcase RTE_CRYPTO_AUTH_SHA512_HMAC:\n \t\tsess->auth.algo = SHA_512;\n \t\thash_oneblock_fn = mb_ops->aux.one_block.sha512;\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\tif (xform->auth.key.length > get_auth_algo_blocksize(SHA_512)) {\n+\t\t\tmb_ops->aux.multi_block.sha512(\n+\t\t\t\txform->auth.key.data,\n+\t\t\t\txform->auth.key.length,\n+\t\t\t\thashed_key);\n+\t\t\tkey_larger_block_size = 1;\n+\t\t}\n+#endif\n \t\tbreak;\n \tdefault:\n \t\tAESNI_MB_LOG(ERR, \"Unsupported authentication algorithm selection\");\n@@ -225,11 +272,19 @@ aesni_mb_set_session_auth_parameters(const struct aesni_mb_op_fns *mb_ops,\n \t\tsess->auth.gen_digest_len = sess->auth.req_digest_len;\n \n \t/* Calculate Authentication precomputes */\n-\tcalculate_auth_precomputes(hash_oneblock_fn,\n+\tif (key_larger_block_size) {\n+\t\tcalculate_auth_precomputes(hash_oneblock_fn,\n+\t\t\tsess->auth.pads.inner, sess->auth.pads.outer,\n+\t\t\thashed_key,\n+\t\t\txform->auth.key.length,\n+\t\t\tget_auth_algo_blocksize(sess->auth.algo));\n+\t} else {\n+\t\tcalculate_auth_precomputes(hash_oneblock_fn,\n \t\t\tsess->auth.pads.inner, sess->auth.pads.outer,\n \t\t\txform->auth.key.data,\n \t\t\txform->auth.key.length,\n \t\t\tget_auth_algo_blocksize(sess->auth.algo));\n+\t}\n \n \treturn 0;\n }\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\nindex e41ba70fa..4f0139b20 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c\n@@ -48,7 +48,11 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t.block_size = 64,\n \t\t\t\t.key_size = {\n \t\t\t\t\t.min = 1,\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.max = 65535,\n+#else\n \t\t\t\t\t.max = 64,\n+#endif\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n@@ -75,7 +79,11 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t.block_size = 64,\n \t\t\t\t.key_size = {\n \t\t\t\t\t.min = 1,\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.max = 65535,\n+#else\n \t\t\t\t\t.max = 64,\n+#endif\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n@@ -102,7 +110,11 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t.block_size = 64,\n \t\t\t\t.key_size = {\n \t\t\t\t\t.min = 1,\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.max = 65535,\n+#else\n \t\t\t\t\t.max = 64,\n+#endif\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n@@ -129,7 +141,11 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t.block_size = 128,\n \t\t\t\t.key_size = {\n \t\t\t\t\t.min = 1,\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.max = 65535,\n+#else\n \t\t\t\t\t.max = 128,\n+#endif\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\n@@ -156,7 +172,11 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {\n \t\t\t\t.block_size = 128,\n \t\t\t\t.key_size = {\n \t\t\t\t\t.min = 1,\n+#if IMB_VERSION_NUM >= IMB_VERSION(0, 50, 0)\n+\t\t\t\t\t.max = 65535,\n+#else\n \t\t\t\t\t.max = 128,\n+#endif\n \t\t\t\t\t.increment = 1\n \t\t\t\t},\n \t\t\t\t.digest_size = {\ndiff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\nindex 1e297f032..8c027a87e 100644\n--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\n+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h\n@@ -7,15 +7,6 @@\n \n #include \"aesni_mb_ops.h\"\n \n-/*\n- * IMB_VERSION_NUM macro was introduced in version Multi-buffer 0.50,\n- * so if macro is not defined, it means that the version is 0.49.\n- */\n-#if !defined(IMB_VERSION_NUM)\n-#define IMB_VERSION(a, b, c) (((a) << 16) + ((b) << 8) + (c))\n-#define IMB_VERSION_NUM IMB_VERSION(0, 49, 0)\n-#endif\n-\n #define CRYPTODEV_NAME_AESNI_MB_PMD\tcrypto_aesni_mb\n /**< AES-NI Multi buffer PMD device name */\n \n", "prefixes": [ "5/5" ] }