Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/97607/?format=api
{ "id": 97607, "url": "http://patchwork.dpdk.org/api/patches/97607/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20210831140127.31775-6-ktejasree@marvell.com/", "project": { "id": 1, "url": "http://patchwork.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20210831140127.31775-6-ktejasree@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20210831140127.31775-6-ktejasree@marvell.com", "date": "2021-08-31T14:01:24", "name": "[5/8] crypto/cnxk: make IPsec verify functions common", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "cacc2c7382cbbb5c5be158febd72e2d62ff77126", "submitter": { "id": 1789, "url": "http://patchwork.dpdk.org/api/people/1789/?format=api", "name": "Tejasree Kondoj", "email": "ktejasree@marvell.com" }, "delegate": null, "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20210831140127.31775-6-ktejasree@marvell.com/mbox/", "series": [ { "id": 18562, "url": "http://patchwork.dpdk.org/api/series/18562/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=18562", "date": "2021-08-31T14:01:19", "name": "add lookaside IPsec additional features", "version": 1, "mbox": "http://patchwork.dpdk.org/series/18562/mbox/" } ], "comments": "http://patchwork.dpdk.org/api/patches/97607/comments/", "check": "success", "checks": "http://patchwork.dpdk.org/api/patches/97607/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 5B6C1A0C46;\n\tTue, 31 Aug 2021 15:08:31 +0200 (CEST)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 4A04740F35;\n\tTue, 31 Aug 2021 15:08:31 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com\n [67.231.156.173])\n by mails.dpdk.org (Postfix) with ESMTP id 0E582410DC\n for <dev@dpdk.org>; Tue, 31 Aug 2021 15:08:29 +0200 (CEST)", "from pps.filterd (m0045851.ppops.net [127.0.0.1])\n by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 17VCLvol027668\n for <dev@dpdk.org>; Tue, 31 Aug 2021 06:08:29 -0700", "from dc5-exch01.marvell.com ([199.233.59.181])\n by mx0b-0016f401.pphosted.com with ESMTP id 3asf15hhnv-2\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)\n for <dev@dpdk.org>; Tue, 31 Aug 2021 06:08:29 -0700", "from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.18;\n Tue, 31 Aug 2021 06:08:26 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend\n Transport; Tue, 31 Aug 2021 06:08:26 -0700", "from hyd1554T5810.caveonetworks.com.com (unknown [10.29.57.11])\n by maili.marvell.com (Postfix) with ESMTP id 13B093F7083;\n Tue, 31 Aug 2021 06:08:23 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=8xGwZYDqZYxaQeW8NKFqwwp3vNnJp7KYz8ZkLGHwv/U=;\n b=LcxB5vjugxcQz6ayvBUraiUubkePsGJHxL1XhGscuMFkwA9ncORJPZGSVEoJBuWtqNAC\n 61EZDxcWopcvsZya6Y+uzLF9417iKIMfN2qOOj97bGxuK4txHvv7QLvRMNxj6Vn62vAt\n gm7eRgg9XQrkAhHlNtyRAt4FbekjiPKrZilQtjwfJJQJm4msUatINGuP75/P9jfwFlHl\n ufHbZNr3okb0pb/KB6dOiYlDOfaaZ1wuxwi95kmFAH20ZrZhQevkMY99FzVsgXASanbX\n QFCHFixLs00zrqIuH9Xlqiny8LJ4hCDMv7C+o+jOWq/f9mMHbOgD9eFGMe+GgV8RURpt Gg==", "From": "Tejasree Kondoj <ktejasree@marvell.com>", "To": "Akhil Goyal <gakhil@marvell.com>", "CC": "Archana Muniganti <marchana@marvell.com>, Anoob Joseph\n <anoobj@marvell.com>, Ankur Dwivedi <adwivedi@marvell.com>, Srujana Challa\n <schalla@marvell.com>, Nithin Dabilpuram <ndabilpuram@marvell.com>, \"Jerin\n Jacob\" <jerinj@marvell.com>,\n Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>", "Date": "Tue, 31 Aug 2021 19:31:24 +0530", "Message-ID": "<20210831140127.31775-6-ktejasree@marvell.com>", "X-Mailer": "git-send-email 2.27.0", "In-Reply-To": "<20210831140127.31775-1-ktejasree@marvell.com>", "References": "<20210831140127.31775-1-ktejasree@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-ORIG-GUID": "FCpfdcvDcKwdaLod6wtSCyEMTHrjKjWA", "X-Proofpoint-GUID": "FCpfdcvDcKwdaLod6wtSCyEMTHrjKjWA", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475\n definitions=2021-08-31_05,2021-08-31_01,2020-04-07_01", "Subject": "[dpdk-dev] [PATCH 5/8] crypto/cnxk: make IPsec verify functions\n common", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "From: Archana Muniganti <marchana@marvell.com>\n\nIPsec verify functions can be made common\n\nSigned-off-by: Archana Muniganti <marchana@marvell.com>\n---\n drivers/crypto/cnxk/cn10k_ipsec.c | 116 +-----------------------------\n drivers/crypto/cnxk/cnxk_ipsec.h | 113 +++++++++++++++++++++++++++++\n 2 files changed, 114 insertions(+), 115 deletions(-)", "diff": "diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c\nindex 98110872a3..5c57cf2818 100644\n--- a/drivers/crypto/cnxk/cn10k_ipsec.c\n+++ b/drivers/crypto/cnxk/cn10k_ipsec.c\n@@ -17,120 +17,6 @@\n \n #include \"roc_api.h\"\n \n-static int\n-ipsec_xform_cipher_verify(struct rte_crypto_sym_xform *xform)\n-{\n-\tif (xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {\n-\t\tswitch (xform->cipher.key.length) {\n-\t\tcase 16:\n-\t\tcase 24:\n-\t\tcase 32:\n-\t\t\tbreak;\n-\t\tdefault:\n-\t\t\treturn -ENOTSUP;\n-\t\t}\n-\t\treturn 0;\n-\t}\n-\n-\treturn -ENOTSUP;\n-}\n-\n-static int\n-ipsec_xform_auth_verify(struct rte_crypto_sym_xform *xform)\n-{\n-\tuint16_t keylen = xform->auth.key.length;\n-\n-\tif (xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {\n-\t\tif (keylen >= 20 && keylen <= 64)\n-\t\t\treturn 0;\n-\t}\n-\n-\treturn -ENOTSUP;\n-}\n-\n-static int\n-ipsec_xform_aead_verify(struct rte_security_ipsec_xform *ipsec_xfrm,\n-\t\t\tstruct rte_crypto_sym_xform *crypto_xfrm)\n-{\n-\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&\n-\t crypto_xfrm->aead.op != RTE_CRYPTO_AEAD_OP_ENCRYPT)\n-\t\treturn -EINVAL;\n-\n-\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS &&\n-\t crypto_xfrm->aead.op != RTE_CRYPTO_AEAD_OP_DECRYPT)\n-\t\treturn -EINVAL;\n-\n-\tif (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {\n-\t\tswitch (crypto_xfrm->aead.key.length) {\n-\t\tcase ROC_CPT_AES128_KEY_LEN:\n-\t\tcase ROC_CPT_AES192_KEY_LEN:\n-\t\tcase ROC_CPT_AES256_KEY_LEN:\n-\t\t\tbreak;\n-\t\tdefault:\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\t\treturn 0;\n-\t}\n-\n-\treturn -ENOTSUP;\n-}\n-\n-static int\n-cn10k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec_xfrm,\n-\t\t\t struct rte_crypto_sym_xform *crypto_xfrm)\n-{\n-\tstruct rte_crypto_sym_xform *auth_xform, *cipher_xform;\n-\tint ret;\n-\n-\tif ((ipsec_xfrm->direction != RTE_SECURITY_IPSEC_SA_DIR_INGRESS) &&\n-\t (ipsec_xfrm->direction != RTE_SECURITY_IPSEC_SA_DIR_EGRESS))\n-\t\treturn -EINVAL;\n-\n-\tif ((ipsec_xfrm->proto != RTE_SECURITY_IPSEC_SA_PROTO_ESP) &&\n-\t (ipsec_xfrm->proto != RTE_SECURITY_IPSEC_SA_PROTO_AH))\n-\t\treturn -EINVAL;\n-\n-\tif ((ipsec_xfrm->mode != RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) &&\n-\t (ipsec_xfrm->mode != RTE_SECURITY_IPSEC_SA_MODE_TUNNEL))\n-\t\treturn -EINVAL;\n-\n-\tif ((ipsec_xfrm->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV4) &&\n-\t (ipsec_xfrm->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV6))\n-\t\treturn -EINVAL;\n-\n-\tif (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD)\n-\t\treturn ipsec_xform_aead_verify(ipsec_xfrm, crypto_xfrm);\n-\n-\tif (crypto_xfrm->next == NULL)\n-\t\treturn -EINVAL;\n-\n-\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {\n-\t\t/* Ingress */\n-\t\tif (crypto_xfrm->type != RTE_CRYPTO_SYM_XFORM_AUTH ||\n-\t\t crypto_xfrm->next->type != RTE_CRYPTO_SYM_XFORM_CIPHER)\n-\t\t\treturn -EINVAL;\n-\t\tauth_xform = crypto_xfrm;\n-\t\tcipher_xform = crypto_xfrm->next;\n-\t} else {\n-\t\t/* Egress */\n-\t\tif (crypto_xfrm->type != RTE_CRYPTO_SYM_XFORM_CIPHER ||\n-\t\t crypto_xfrm->next->type != RTE_CRYPTO_SYM_XFORM_AUTH)\n-\t\t\treturn -EINVAL;\n-\t\tcipher_xform = crypto_xfrm;\n-\t\tauth_xform = crypto_xfrm->next;\n-\t}\n-\n-\tret = ipsec_xform_cipher_verify(cipher_xform);\n-\tif (ret)\n-\t\treturn ret;\n-\n-\tret = ipsec_xform_auth_verify(auth_xform);\n-\tif (ret)\n-\t\treturn ret;\n-\n-\treturn 0;\n-}\n-\n static uint64_t\n ipsec_cpt_inst_w7_get(struct roc_cpt *roc_cpt, void *sa)\n {\n@@ -245,7 +131,7 @@ cn10k_ipsec_session_create(void *dev,\n \t\treturn -EPERM;\n \t}\n \n-\tret = cn10k_ipsec_xform_verify(ipsec_xfrm, crypto_xfrm);\n+\tret = cnxk_ipsec_xform_verify(ipsec_xfrm, crypto_xfrm);\n \tif (ret)\n \t\treturn ret;\n \ndiff --git a/drivers/crypto/cnxk/cnxk_ipsec.h b/drivers/crypto/cnxk/cnxk_ipsec.h\nindex f6897a0e14..d1eb74ebbe 100644\n--- a/drivers/crypto/cnxk/cnxk_ipsec.h\n+++ b/drivers/crypto/cnxk/cnxk_ipsec.h\n@@ -17,4 +17,117 @@ struct cnxk_cpt_inst_tmpl {\n \tuint64_t w7;\n };\n \n+static inline int\n+ipsec_xform_cipher_verify(struct rte_crypto_sym_xform *crypto_xform)\n+{\n+\tif (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {\n+\t\tswitch (crypto_xform->cipher.key.length) {\n+\t\tcase 16:\n+\t\tcase 24:\n+\t\tcase 32:\n+\t\t\tbreak;\n+\t\tdefault:\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n+\t\treturn 0;\n+\t}\n+\n+\treturn -ENOTSUP;\n+}\n+\n+static inline int\n+ipsec_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)\n+{\n+\tuint16_t keylen = crypto_xform->auth.key.length;\n+\n+\tif (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {\n+\t\tif (keylen >= 20 && keylen <= 64)\n+\t\t\treturn 0;\n+\t} else if (roc_model_is_cn9k() &&\n+\t\t (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)) {\n+\t\tif (keylen >= 32 && keylen <= 64)\n+\t\t\treturn 0;\n+\t}\n+\n+\treturn -ENOTSUP;\n+}\n+\n+static inline int\n+ipsec_xform_aead_verify(struct rte_security_ipsec_xform *ipsec_xform,\n+\t\t\tstruct rte_crypto_sym_xform *crypto_xform)\n+{\n+\tif (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&\n+\t crypto_xform->aead.op != RTE_CRYPTO_AEAD_OP_ENCRYPT)\n+\t\treturn -EINVAL;\n+\n+\tif (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS &&\n+\t crypto_xform->aead.op != RTE_CRYPTO_AEAD_OP_DECRYPT)\n+\t\treturn -EINVAL;\n+\n+\tif (crypto_xform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {\n+\t\tswitch (crypto_xform->aead.key.length) {\n+\t\tcase 16:\n+\t\tcase 24:\n+\t\tcase 32:\n+\t\t\tbreak;\n+\t\tdefault:\n+\t\t\treturn -EINVAL;\n+\t\t}\n+\t\treturn 0;\n+\t}\n+\n+\treturn -ENOTSUP;\n+}\n+\n+static inline int\n+cnxk_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec_xform,\n+\t\t\tstruct rte_crypto_sym_xform *crypto_xform)\n+{\n+\tstruct rte_crypto_sym_xform *auth_xform, *cipher_xform;\n+\tint ret;\n+\n+\tif ((ipsec_xform->direction != RTE_SECURITY_IPSEC_SA_DIR_INGRESS) &&\n+\t (ipsec_xform->direction != RTE_SECURITY_IPSEC_SA_DIR_EGRESS))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xform->proto != RTE_SECURITY_IPSEC_SA_PROTO_ESP) &&\n+\t (ipsec_xform->proto != RTE_SECURITY_IPSEC_SA_PROTO_AH))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xform->mode != RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) &&\n+\t (ipsec_xform->mode != RTE_SECURITY_IPSEC_SA_MODE_TUNNEL))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xform->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV4) &&\n+\t (ipsec_xform->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV6))\n+\t\treturn -EINVAL;\n+\n+\tif (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD)\n+\t\treturn ipsec_xform_aead_verify(ipsec_xform, crypto_xform);\n+\n+\tif (crypto_xform->next == NULL)\n+\t\treturn -EINVAL;\n+\n+\tif (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {\n+\t\t/* Ingress */\n+\t\tif (crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AUTH ||\n+\t\t crypto_xform->next->type != RTE_CRYPTO_SYM_XFORM_CIPHER)\n+\t\t\treturn -EINVAL;\n+\t\tauth_xform = crypto_xform;\n+\t\tcipher_xform = crypto_xform->next;\n+\t} else {\n+\t\t/* Egress */\n+\t\tif (crypto_xform->type != RTE_CRYPTO_SYM_XFORM_CIPHER ||\n+\t\t crypto_xform->next->type != RTE_CRYPTO_SYM_XFORM_AUTH)\n+\t\t\treturn -EINVAL;\n+\t\tcipher_xform = crypto_xform;\n+\t\tauth_xform = crypto_xform->next;\n+\t}\n+\n+\tret = ipsec_xform_cipher_verify(cipher_xform);\n+\tif (ret)\n+\t\treturn ret;\n+\n+\treturn ipsec_xform_auth_verify(auth_xform);\n+}\n #endif /* __CNXK_IPSEC_H__ */\n", "prefixes": [ "5/8" ] }