Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/97675/?format=api
{ "id": 97675, "url": "http://patchwork.dpdk.org/api/patches/97675/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/patch/20210901101930.29333-6-ktejasree@marvell.com/", "project": { "id": 1, "url": "http://patchwork.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20210901101930.29333-6-ktejasree@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20210901101930.29333-6-ktejasree@marvell.com", "date": "2021-09-01T10:19:27", "name": "[v2,5/8] crypto/cnxk: make IPsec verify functions common", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": true, "hash": "cacc2c7382cbbb5c5be158febd72e2d62ff77126", "submitter": { "id": 1789, "url": "http://patchwork.dpdk.org/api/people/1789/?format=api", "name": "Tejasree Kondoj", "email": "ktejasree@marvell.com" }, "delegate": { "id": 6690, "url": "http://patchwork.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patchwork.dpdk.org/project/dpdk/patch/20210901101930.29333-6-ktejasree@marvell.com/mbox/", "series": [ { "id": 18598, "url": "http://patchwork.dpdk.org/api/series/18598/?format=api", "web_url": "http://patchwork.dpdk.org/project/dpdk/list/?series=18598", "date": "2021-09-01T10:19:26", "name": "add lookaside IPsec additional features", "version": 2, "mbox": "http://patchwork.dpdk.org/series/18598/mbox/" } ], "comments": "http://patchwork.dpdk.org/api/patches/97675/comments/", "check": "success", "checks": "http://patchwork.dpdk.org/api/patches/97675/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id C48A3A0C4D;\n\tWed, 1 Sep 2021 11:25:55 +0200 (CEST)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id A27CC41136;\n\tWed, 1 Sep 2021 11:25:49 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com\n [67.231.156.173])\n by mails.dpdk.org (Postfix) with ESMTP id 2EB074013F\n for <dev@dpdk.org>; Wed, 1 Sep 2021 11:25:47 +0200 (CEST)", "from pps.filterd (m0045851.ppops.net [127.0.0.1])\n by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 1819KrmZ015711\n for <dev@dpdk.org>; Wed, 1 Sep 2021 02:25:45 -0700", "from dc5-exch01.marvell.com ([199.233.59.181])\n by mx0b-0016f401.pphosted.com with ESMTP id 3at0ax9fde-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)\n for <dev@dpdk.org>; Wed, 01 Sep 2021 02:25:44 -0700", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.18;\n Wed, 1 Sep 2021 02:25:42 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.18 via Frontend\n Transport; Wed, 1 Sep 2021 02:25:42 -0700", "from hyd1554T5810.caveonetworks.com.com (unknown [10.29.57.11])\n by maili.marvell.com (Postfix) with ESMTP id EC9783F7088;\n Wed, 1 Sep 2021 02:25:39 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=8xGwZYDqZYxaQeW8NKFqwwp3vNnJp7KYz8ZkLGHwv/U=;\n b=X7Z+BmaWIu4Fw31qGVm7gq/KigB0GnEnAC4y4BI+z7Zs67u1FJozfDiQ3ItplbHCqGr8\n aGc6lWkXVR0kYkAKssjGHkbEO1kwVrFrckWSRt2z/Z98O/3/mlFCEirA0MRWq8oP/EwU\n YWG8MK8PIsGE/9UYobgKxp7SevdRMTg9Vi/fZuL0/N5Z+ks9hvRuSjRhlYk/bUEJqnh9\n +/PyUqAP1X16xDb3XVQEs6FjaNCkHIq3apd76npgX0jHmyYiUniBx61Y65wNO0LyRjBI\n /hMNmvEgDDkBGzr9Ku2h+NJnGeuOUhhaaHNn/5ssffb5opZ+08G2W07WbdOq168ulzSe KQ==", "From": "Tejasree Kondoj <ktejasree@marvell.com>", "To": "Akhil Goyal <gakhil@marvell.com>", "CC": "Archana Muniganti <marchana@marvell.com>, Anoob Joseph\n <anoobj@marvell.com>, Ankur Dwivedi <adwivedi@marvell.com>, Srujana Challa\n <schalla@marvell.com>, Nithin Dabilpuram <ndabilpuram@marvell.com>, \"Jerin\n Jacob\" <jerinj@marvell.com>,\n Tejasree Kondoj <ktejasree@marvell.com>, <dev@dpdk.org>", "Date": "Wed, 1 Sep 2021 15:49:27 +0530", "Message-ID": "<20210901101930.29333-6-ktejasree@marvell.com>", "X-Mailer": "git-send-email 2.27.0", "In-Reply-To": "<20210901101930.29333-1-ktejasree@marvell.com>", "References": "<20210901101930.29333-1-ktejasree@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-GUID": "QkK_H_2tJTCHSrGfgwbj3DT7JhnwO8lt", "X-Proofpoint-ORIG-GUID": "QkK_H_2tJTCHSrGfgwbj3DT7JhnwO8lt", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475\n definitions=2021-09-01_03,2021-08-31_01,2020-04-07_01", "Subject": "[dpdk-dev] [PATCH v2 5/8] crypto/cnxk: make IPsec verify functions\n common", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "From: Archana Muniganti <marchana@marvell.com>\n\nIPsec verify functions can be made common\n\nSigned-off-by: Archana Muniganti <marchana@marvell.com>\n---\n drivers/crypto/cnxk/cn10k_ipsec.c | 116 +-----------------------------\n drivers/crypto/cnxk/cnxk_ipsec.h | 113 +++++++++++++++++++++++++++++\n 2 files changed, 114 insertions(+), 115 deletions(-)", "diff": "diff --git a/drivers/crypto/cnxk/cn10k_ipsec.c b/drivers/crypto/cnxk/cn10k_ipsec.c\nindex 98110872a3..5c57cf2818 100644\n--- a/drivers/crypto/cnxk/cn10k_ipsec.c\n+++ b/drivers/crypto/cnxk/cn10k_ipsec.c\n@@ -17,120 +17,6 @@\n \n #include \"roc_api.h\"\n \n-static int\n-ipsec_xform_cipher_verify(struct rte_crypto_sym_xform *xform)\n-{\n-\tif (xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {\n-\t\tswitch (xform->cipher.key.length) {\n-\t\tcase 16:\n-\t\tcase 24:\n-\t\tcase 32:\n-\t\t\tbreak;\n-\t\tdefault:\n-\t\t\treturn -ENOTSUP;\n-\t\t}\n-\t\treturn 0;\n-\t}\n-\n-\treturn -ENOTSUP;\n-}\n-\n-static int\n-ipsec_xform_auth_verify(struct rte_crypto_sym_xform *xform)\n-{\n-\tuint16_t keylen = xform->auth.key.length;\n-\n-\tif (xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {\n-\t\tif (keylen >= 20 && keylen <= 64)\n-\t\t\treturn 0;\n-\t}\n-\n-\treturn -ENOTSUP;\n-}\n-\n-static int\n-ipsec_xform_aead_verify(struct rte_security_ipsec_xform *ipsec_xfrm,\n-\t\t\tstruct rte_crypto_sym_xform *crypto_xfrm)\n-{\n-\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&\n-\t crypto_xfrm->aead.op != RTE_CRYPTO_AEAD_OP_ENCRYPT)\n-\t\treturn -EINVAL;\n-\n-\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS &&\n-\t crypto_xfrm->aead.op != RTE_CRYPTO_AEAD_OP_DECRYPT)\n-\t\treturn -EINVAL;\n-\n-\tif (crypto_xfrm->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {\n-\t\tswitch (crypto_xfrm->aead.key.length) {\n-\t\tcase ROC_CPT_AES128_KEY_LEN:\n-\t\tcase ROC_CPT_AES192_KEY_LEN:\n-\t\tcase ROC_CPT_AES256_KEY_LEN:\n-\t\t\tbreak;\n-\t\tdefault:\n-\t\t\treturn -EINVAL;\n-\t\t}\n-\t\treturn 0;\n-\t}\n-\n-\treturn -ENOTSUP;\n-}\n-\n-static int\n-cn10k_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec_xfrm,\n-\t\t\t struct rte_crypto_sym_xform *crypto_xfrm)\n-{\n-\tstruct rte_crypto_sym_xform *auth_xform, *cipher_xform;\n-\tint ret;\n-\n-\tif ((ipsec_xfrm->direction != RTE_SECURITY_IPSEC_SA_DIR_INGRESS) &&\n-\t (ipsec_xfrm->direction != RTE_SECURITY_IPSEC_SA_DIR_EGRESS))\n-\t\treturn -EINVAL;\n-\n-\tif ((ipsec_xfrm->proto != RTE_SECURITY_IPSEC_SA_PROTO_ESP) &&\n-\t (ipsec_xfrm->proto != RTE_SECURITY_IPSEC_SA_PROTO_AH))\n-\t\treturn -EINVAL;\n-\n-\tif ((ipsec_xfrm->mode != RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) &&\n-\t (ipsec_xfrm->mode != RTE_SECURITY_IPSEC_SA_MODE_TUNNEL))\n-\t\treturn -EINVAL;\n-\n-\tif ((ipsec_xfrm->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV4) &&\n-\t (ipsec_xfrm->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV6))\n-\t\treturn -EINVAL;\n-\n-\tif (crypto_xfrm->type == RTE_CRYPTO_SYM_XFORM_AEAD)\n-\t\treturn ipsec_xform_aead_verify(ipsec_xfrm, crypto_xfrm);\n-\n-\tif (crypto_xfrm->next == NULL)\n-\t\treturn -EINVAL;\n-\n-\tif (ipsec_xfrm->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {\n-\t\t/* Ingress */\n-\t\tif (crypto_xfrm->type != RTE_CRYPTO_SYM_XFORM_AUTH ||\n-\t\t crypto_xfrm->next->type != RTE_CRYPTO_SYM_XFORM_CIPHER)\n-\t\t\treturn -EINVAL;\n-\t\tauth_xform = crypto_xfrm;\n-\t\tcipher_xform = crypto_xfrm->next;\n-\t} else {\n-\t\t/* Egress */\n-\t\tif (crypto_xfrm->type != RTE_CRYPTO_SYM_XFORM_CIPHER ||\n-\t\t crypto_xfrm->next->type != RTE_CRYPTO_SYM_XFORM_AUTH)\n-\t\t\treturn -EINVAL;\n-\t\tcipher_xform = crypto_xfrm;\n-\t\tauth_xform = crypto_xfrm->next;\n-\t}\n-\n-\tret = ipsec_xform_cipher_verify(cipher_xform);\n-\tif (ret)\n-\t\treturn ret;\n-\n-\tret = ipsec_xform_auth_verify(auth_xform);\n-\tif (ret)\n-\t\treturn ret;\n-\n-\treturn 0;\n-}\n-\n static uint64_t\n ipsec_cpt_inst_w7_get(struct roc_cpt *roc_cpt, void *sa)\n {\n@@ -245,7 +131,7 @@ cn10k_ipsec_session_create(void *dev,\n \t\treturn -EPERM;\n \t}\n \n-\tret = cn10k_ipsec_xform_verify(ipsec_xfrm, crypto_xfrm);\n+\tret = cnxk_ipsec_xform_verify(ipsec_xfrm, crypto_xfrm);\n \tif (ret)\n \t\treturn ret;\n \ndiff --git a/drivers/crypto/cnxk/cnxk_ipsec.h b/drivers/crypto/cnxk/cnxk_ipsec.h\nindex f6897a0e14..d1eb74ebbe 100644\n--- a/drivers/crypto/cnxk/cnxk_ipsec.h\n+++ b/drivers/crypto/cnxk/cnxk_ipsec.h\n@@ -17,4 +17,117 @@ struct cnxk_cpt_inst_tmpl {\n \tuint64_t w7;\n };\n \n+static inline int\n+ipsec_xform_cipher_verify(struct rte_crypto_sym_xform *crypto_xform)\n+{\n+\tif (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC) {\n+\t\tswitch (crypto_xform->cipher.key.length) {\n+\t\tcase 16:\n+\t\tcase 24:\n+\t\tcase 32:\n+\t\t\tbreak;\n+\t\tdefault:\n+\t\t\treturn -ENOTSUP;\n+\t\t}\n+\t\treturn 0;\n+\t}\n+\n+\treturn -ENOTSUP;\n+}\n+\n+static inline int\n+ipsec_xform_auth_verify(struct rte_crypto_sym_xform *crypto_xform)\n+{\n+\tuint16_t keylen = crypto_xform->auth.key.length;\n+\n+\tif (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {\n+\t\tif (keylen >= 20 && keylen <= 64)\n+\t\t\treturn 0;\n+\t} else if (roc_model_is_cn9k() &&\n+\t\t (crypto_xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC)) {\n+\t\tif (keylen >= 32 && keylen <= 64)\n+\t\t\treturn 0;\n+\t}\n+\n+\treturn -ENOTSUP;\n+}\n+\n+static inline int\n+ipsec_xform_aead_verify(struct rte_security_ipsec_xform *ipsec_xform,\n+\t\t\tstruct rte_crypto_sym_xform *crypto_xform)\n+{\n+\tif (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&\n+\t crypto_xform->aead.op != RTE_CRYPTO_AEAD_OP_ENCRYPT)\n+\t\treturn -EINVAL;\n+\n+\tif (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS &&\n+\t crypto_xform->aead.op != RTE_CRYPTO_AEAD_OP_DECRYPT)\n+\t\treturn -EINVAL;\n+\n+\tif (crypto_xform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {\n+\t\tswitch (crypto_xform->aead.key.length) {\n+\t\tcase 16:\n+\t\tcase 24:\n+\t\tcase 32:\n+\t\t\tbreak;\n+\t\tdefault:\n+\t\t\treturn -EINVAL;\n+\t\t}\n+\t\treturn 0;\n+\t}\n+\n+\treturn -ENOTSUP;\n+}\n+\n+static inline int\n+cnxk_ipsec_xform_verify(struct rte_security_ipsec_xform *ipsec_xform,\n+\t\t\tstruct rte_crypto_sym_xform *crypto_xform)\n+{\n+\tstruct rte_crypto_sym_xform *auth_xform, *cipher_xform;\n+\tint ret;\n+\n+\tif ((ipsec_xform->direction != RTE_SECURITY_IPSEC_SA_DIR_INGRESS) &&\n+\t (ipsec_xform->direction != RTE_SECURITY_IPSEC_SA_DIR_EGRESS))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xform->proto != RTE_SECURITY_IPSEC_SA_PROTO_ESP) &&\n+\t (ipsec_xform->proto != RTE_SECURITY_IPSEC_SA_PROTO_AH))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xform->mode != RTE_SECURITY_IPSEC_SA_MODE_TRANSPORT) &&\n+\t (ipsec_xform->mode != RTE_SECURITY_IPSEC_SA_MODE_TUNNEL))\n+\t\treturn -EINVAL;\n+\n+\tif ((ipsec_xform->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV4) &&\n+\t (ipsec_xform->tunnel.type != RTE_SECURITY_IPSEC_TUNNEL_IPV6))\n+\t\treturn -EINVAL;\n+\n+\tif (crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD)\n+\t\treturn ipsec_xform_aead_verify(ipsec_xform, crypto_xform);\n+\n+\tif (crypto_xform->next == NULL)\n+\t\treturn -EINVAL;\n+\n+\tif (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {\n+\t\t/* Ingress */\n+\t\tif (crypto_xform->type != RTE_CRYPTO_SYM_XFORM_AUTH ||\n+\t\t crypto_xform->next->type != RTE_CRYPTO_SYM_XFORM_CIPHER)\n+\t\t\treturn -EINVAL;\n+\t\tauth_xform = crypto_xform;\n+\t\tcipher_xform = crypto_xform->next;\n+\t} else {\n+\t\t/* Egress */\n+\t\tif (crypto_xform->type != RTE_CRYPTO_SYM_XFORM_CIPHER ||\n+\t\t crypto_xform->next->type != RTE_CRYPTO_SYM_XFORM_AUTH)\n+\t\t\treturn -EINVAL;\n+\t\tcipher_xform = crypto_xform;\n+\t\tauth_xform = crypto_xform->next;\n+\t}\n+\n+\tret = ipsec_xform_cipher_verify(cipher_xform);\n+\tif (ret)\n+\t\treturn ret;\n+\n+\treturn ipsec_xform_auth_verify(auth_xform);\n+}\n #endif /* __CNXK_IPSEC_H__ */\n", "prefixes": [ "v2", "5/8" ] }