From patchwork Wed Nov  6 05:17:19 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62500
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 41B12A04A2;
	Wed,  6 Nov 2019 06:20:41 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 7AD7C5B32;
	Wed,  6 Nov 2019 06:20:40 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id E2785A69
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:38 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 6D3011A0726;
 Wed,  6 Nov 2019 06:20:38 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 0A3361A010F;
 Wed,  6 Nov 2019 06:20:37 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id C544340285;
 Wed,  6 Nov 2019 13:20:34 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:19 +0530
Message-Id: <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191101175141.4663-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 01/13] crypto/dpaa_sec: fix to set PDCP
	capability flags
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

set the pdcp capa_flags to 0 by default.

Fixes: a1173d55598c ("crypto/dpaa_sec: support PDCP offload")

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h
index c10ec1007..29ffe5631 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.h
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.h
@@ -712,6 +712,7 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = {
 		.protocol = RTE_SECURITY_PROTOCOL_PDCP,
 		.pdcp = {
 			.domain = RTE_SECURITY_PDCP_MODE_DATA,
+			.capa_flags = 0
 		},
 		.crypto_capabilities = dpaa_pdcp_capabilities
 	},
@@ -720,6 +721,7 @@ static const struct rte_security_capability dpaa_sec_security_cap[] = {
 		.protocol = RTE_SECURITY_PROTOCOL_PDCP,
 		.pdcp = {
 			.domain = RTE_SECURITY_PDCP_MODE_CONTROL,
+			.capa_flags = 0
 		},
 		.crypto_capabilities = dpaa_pdcp_capabilities
 	},

From patchwork Wed Nov  6 05:17:20 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62501
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 69436A04A2;
	Wed,  6 Nov 2019 06:20:47 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 0BC901BF81;
	Wed,  6 Nov 2019 06:20:43 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id 658B7A69
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:39 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 04DCE1A0795;
 Wed,  6 Nov 2019 06:20:39 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 948621A05F9;
 Wed,  6 Nov 2019 06:20:37 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 5B93C402DF;
 Wed,  6 Nov 2019 13:20:35 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:20 +0530
Message-Id: <20191106051731.3625-2-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 02/13] crypto/dpaa2_sec: add check for the
	session validity
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Check if the session is not null during processing.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index b04890a48..7d51112c5 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1365,6 +1365,9 @@ build_sec_fd(struct rte_crypto_op *op,
 	else
 		return -1;
 
+	if (!sess)
+		return -1;
+
 	/* Any of the buffer is segmented*/
 	if (!rte_pktmbuf_is_contiguous(op->sym->m_src) ||
 		  ((op->sym->m_dst != NULL) &&

From patchwork Wed Nov  6 05:17:21 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62502
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 69AC2A04A2;
	Wed,  6 Nov 2019 06:20:54 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 66D7C1BF97;
	Wed,  6 Nov 2019 06:20:45 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id B12DEA69
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:39 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 8DD1D1A00EE;
 Wed,  6 Nov 2019 06:20:39 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 2AF731A05EC;
 Wed,  6 Nov 2019 06:20:38 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id E5EB8402E5;
 Wed,  6 Nov 2019 13:20:35 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:21 +0530
Message-Id: <20191106051731.3625-3-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 03/13] crypto/dpaa_sec: add check for the
	session validity
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Check if the session is not null during processing.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 6c186338f..343a565a2 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -1773,6 +1773,14 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
 				nb_ops = loop;
 				goto send_pkts;
 			}
+
+			if (!ses) {
+				DPAA_SEC_DP_ERR("session not available");
+				frames_to_send = loop;
+				nb_ops = loop;
+				goto send_pkts;
+			}
+
 			if (unlikely(!ses->qp[rte_lcore_id() % MAX_DPAA_CORES])) {
 				if (dpaa_sec_attach_sess_q(qp, ses)) {
 					frames_to_send = loop;

From patchwork Wed Nov  6 05:17:22 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62503
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id A1B5FA04A2;
	Wed,  6 Nov 2019 06:21:00 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 0854D1BFA1;
	Wed,  6 Nov 2019 06:20:47 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id C970D1BF70
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:41 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 9EBE41A0795;
 Wed,  6 Nov 2019 06:20:41 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 01E1B1A05EC;
 Wed,  6 Nov 2019 06:20:40 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 7CCF6402F2;
 Wed,  6 Nov 2019 13:20:36 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:22 +0530
Message-Id: <20191106051731.3625-4-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 04/13] crypto/dpaa2_sec: adding NULL cipher or
	NULL auth
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

These are supported when using protocol offload mode or in chain mode.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 22 +++++++----
 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h   | 41 +++++++++++++++++++++
 2 files changed, 56 insertions(+), 7 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 7d51112c5..dd80e6dc5 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
  *   Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- *   Copyright 2016-2018 NXP
+ *   Copyright 2016-2019 NXP
  *
  */
 
@@ -1834,6 +1834,7 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 
 	flc = &priv->flc_desc[0].flc;
 
+	session->ctxt_type = DPAA2_SEC_CIPHER;
 	session->cipher_key.data = rte_zmalloc(NULL, xform->cipher.key.length,
 			RTE_CACHE_LINE_SIZE);
 	if (session->cipher_key.data == NULL) {
@@ -1970,6 +1971,7 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev,
 	priv->fle_pool = dev_priv->fle_pool;
 	flc = &priv->flc_desc[DESC_INITFINAL].flc;
 
+	session->ctxt_type = DPAA2_SEC_AUTH;
 	session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
 			RTE_CACHE_LINE_SIZE);
 	if (session->auth_key.data == NULL) {
@@ -2478,27 +2480,33 @@ dpaa2_sec_set_session_parameters(struct rte_cryptodev *dev,
 
 	/* Cipher Only */
 	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
-		session->ctxt_type = DPAA2_SEC_CIPHER;
 		ret = dpaa2_sec_cipher_init(dev, xform, session);
 
 	/* Authentication Only */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
 		   xform->next == NULL) {
-		session->ctxt_type = DPAA2_SEC_AUTH;
 		ret = dpaa2_sec_auth_init(dev, xform, session);
 
 	/* Cipher then Authenticate */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
 		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
 		session->ext_params.aead_ctxt.auth_cipher_text = true;
-		ret = dpaa2_sec_aead_chain_init(dev, xform, session);
-
+		if (xform->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
+			ret = dpaa2_sec_auth_init(dev, xform, session);
+		else if (xform->next->auth.algo == RTE_CRYPTO_AUTH_NULL)
+			ret = dpaa2_sec_cipher_init(dev, xform, session);
+		else
+			ret = dpaa2_sec_aead_chain_init(dev, xform, session);
 	/* Authenticate then Cipher */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
 		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
 		session->ext_params.aead_ctxt.auth_cipher_text = false;
-		ret = dpaa2_sec_aead_chain_init(dev, xform, session);
-
+		if (xform->auth.algo == RTE_CRYPTO_AUTH_NULL)
+			ret = dpaa2_sec_cipher_init(dev, xform, session);
+		else if (xform->next->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
+			ret = dpaa2_sec_auth_init(dev, xform, session);
+		else
+			ret = dpaa2_sec_aead_chain_init(dev, xform, session);
 	/* AEAD operation for AES-GCM kind of Algorithms */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
 		   xform->next == NULL) {
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
index 662559422..c10fbf8dd 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
@@ -200,6 +200,27 @@ typedef struct dpaa2_sec_session_entry {
 } dpaa2_sec_session;
 
 static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
+	{	/* NULL (AUTH) */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_NULL,
+				.block_size = 1,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.iv_size = { 0 }
+			}, },
+		}, },
+	},
 	{	/* MD5 HMAC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
@@ -356,6 +377,26 @@ static const struct rte_cryptodev_capabilities dpaa2_sec_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* NULL (CIPHER) */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_NULL,
+				.block_size = 1,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				}
+			}, },
+		}, }
+	},
 	{	/* AES CBC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {

From patchwork Wed Nov  6 05:17:23 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62504
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id D1C41A04A2;
	Wed,  6 Nov 2019 06:21:10 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id AF9F01BFA9;
	Wed,  6 Nov 2019 06:20:48 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id 15EAA1BF75
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:42 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id E64761A010F;
 Wed,  6 Nov 2019 06:20:41 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 5356E1A07B7;
 Wed,  6 Nov 2019 06:20:40 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 0999740309;
 Wed,  6 Nov 2019 13:20:36 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:23 +0530
Message-Id: <20191106051731.3625-5-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 05/13] crypto/dpaa_sec: adding NULL cipher or
	NULL auth
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

These are supported when using protocol offload mode or when
in chain mode.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 33 ++++++++++++++++++------
 drivers/crypto/dpaa_sec/dpaa_sec.h | 41 ++++++++++++++++++++++++++++++
 2 files changed, 66 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 343a565a2..0ef17ee00 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2037,6 +2037,7 @@ dpaa_sec_cipher_init(struct rte_cryptodev *dev __rte_unused,
 		     struct rte_crypto_sym_xform *xform,
 		     dpaa_sec_session *session)
 {
+	session->ctxt = DPAA_SEC_CIPHER;
 	session->cipher_alg = xform->cipher.algo;
 	session->iv.length = xform->cipher.iv.length;
 	session->iv.offset = xform->cipher.iv.offset;
@@ -2086,6 +2087,7 @@ dpaa_sec_auth_init(struct rte_cryptodev *dev __rte_unused,
 		   struct rte_crypto_sym_xform *xform,
 		   dpaa_sec_session *session)
 {
+	session->ctxt = DPAA_SEC_AUTH;
 	session->auth_alg = xform->auth.algo;
 	session->auth_key.data = rte_zmalloc(NULL, xform->auth.key.length,
 					     RTE_CACHE_LINE_SIZE);
@@ -2158,6 +2160,7 @@ dpaa_sec_chain_init(struct rte_cryptodev *dev __rte_unused,
 	struct rte_crypto_cipher_xform *cipher_xform;
 	struct rte_crypto_auth_xform *auth_xform;
 
+	session->ctxt = DPAA_SEC_CIPHER_HASH;
 	if (session->auth_cipher_text) {
 		cipher_xform = &xform->cipher;
 		auth_xform = &xform->next->auth;
@@ -2359,6 +2362,7 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
 	struct dpaa_sec_dev_private *internals = dev->data->dev_private;
 	dpaa_sec_session *session = sess;
 	uint32_t i;
+	int ret;
 
 	PMD_INIT_FUNC_TRACE();
 
@@ -2374,23 +2378,26 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
 	/* Cipher Only */
 	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
 		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
-		session->ctxt = DPAA_SEC_CIPHER;
-		dpaa_sec_cipher_init(dev, xform, session);
+		ret = dpaa_sec_cipher_init(dev, xform, session);
 
 	/* Authentication Only */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
 		   xform->next == NULL) {
 		session->cipher_alg = RTE_CRYPTO_CIPHER_NULL;
 		session->ctxt = DPAA_SEC_AUTH;
-		dpaa_sec_auth_init(dev, xform, session);
+		ret = dpaa_sec_auth_init(dev, xform, session);
 
 	/* Cipher then Authenticate */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
 		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
 		if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
-			session->ctxt = DPAA_SEC_CIPHER_HASH;
 			session->auth_cipher_text = 1;
-			dpaa_sec_chain_init(dev, xform, session);
+			if (xform->cipher.algo == RTE_CRYPTO_CIPHER_NULL)
+				ret = dpaa_sec_auth_init(dev, xform, session);
+			else if (xform->next->auth.algo == RTE_CRYPTO_AUTH_NULL)
+				ret = dpaa_sec_cipher_init(dev, xform, session);
+			else
+				ret = dpaa_sec_chain_init(dev, xform, session);
 		} else {
 			DPAA_SEC_ERR("Not supported: Auth then Cipher");
 			return -EINVAL;
@@ -2399,9 +2406,14 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
 		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
 		if (xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {
-			session->ctxt = DPAA_SEC_CIPHER_HASH;
 			session->auth_cipher_text = 0;
-			dpaa_sec_chain_init(dev, xform, session);
+			if (xform->auth.algo == RTE_CRYPTO_AUTH_NULL)
+				ret = dpaa_sec_cipher_init(dev, xform, session);
+			else if (xform->next->cipher.algo
+					== RTE_CRYPTO_CIPHER_NULL)
+				ret = dpaa_sec_auth_init(dev, xform, session);
+			else
+				ret = dpaa_sec_chain_init(dev, xform, session);
 		} else {
 			DPAA_SEC_ERR("Not supported: Auth then Cipher");
 			return -EINVAL;
@@ -2410,12 +2422,17 @@ dpaa_sec_set_session_parameters(struct rte_cryptodev *dev,
 	/* AEAD operation for AES-GCM kind of Algorithms */
 	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD &&
 		   xform->next == NULL) {
-		dpaa_sec_aead_init(dev, xform, session);
+		ret = dpaa_sec_aead_init(dev, xform, session);
 
 	} else {
 		DPAA_SEC_ERR("Invalid crypto type");
 		return -EINVAL;
 	}
+	if (ret) {
+		DPAA_SEC_ERR("unable to init session");
+		goto err1;
+	}
+
 	rte_spinlock_lock(&internals->lock);
 	for (i = 0; i < MAX_DPAA_CORES; i++) {
 		session->inq[i] = dpaa_sec_attach_rxq(internals);
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h
index 29ffe5631..039cce8e9 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.h
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.h
@@ -218,6 +218,27 @@ struct dpaa_sec_op_ctx {
 };
 
 static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = {
+	{	/* NULL (AUTH) */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_NULL,
+				.block_size = 1,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.iv_size = { 0 }
+			}, },
+		}, },
+	},
 	{	/* MD5 HMAC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
@@ -374,6 +395,26 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* NULL (CIPHER) */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_NULL,
+				.block_size = 1,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				}
+			}, },
+		}, }
+	},
 	{	/* AES CBC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {

From patchwork Wed Nov  6 05:17:24 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62505
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id A43E6A04A2;
	Wed,  6 Nov 2019 06:21:20 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 63E491BFB3;
	Wed,  6 Nov 2019 06:20:50 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id 1BDC71BF7A
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:42 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id EEA9F1A05EC;
 Wed,  6 Nov 2019 06:20:41 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 532A81A07AB;
 Wed,  6 Nov 2019 06:20:40 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 8B1074030E;
 Wed,  6 Nov 2019 13:20:37 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:24 +0530
Message-Id: <20191106051731.3625-6-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 06/13] crypto/dpaa2_sec: add AES-GCM support
	for lookaside case
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 60 +++++++++++++++++++--
 1 file changed, 56 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index dd80e6dc5..173ec8095 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -2547,12 +2547,40 @@ dpaa2_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform,
 
 	switch (aead_xform->algo) {
 	case RTE_CRYPTO_AEAD_AES_GCM:
-		aeaddata->algtype = OP_ALG_ALGSEL_AES;
+		switch (session->digest_length) {
+		case 8:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_GCM8;
+			break;
+		case 12:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_GCM12;
+			break;
+		case 16:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_GCM16;
+			break;
+		default:
+			DPAA2_SEC_ERR("Crypto: Undefined GCM digest %d",
+				      session->digest_length);
+			return -1;
+		}
 		aeaddata->algmode = OP_ALG_AAI_GCM;
 		session->aead_alg = RTE_CRYPTO_AEAD_AES_GCM;
 		break;
 	case RTE_CRYPTO_AEAD_AES_CCM:
-		aeaddata->algtype = OP_ALG_ALGSEL_AES;
+		switch (session->digest_length) {
+		case 8:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_CCM8;
+			break;
+		case 12:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_CCM12;
+			break;
+		case 16:
+			aeaddata->algtype = OP_PCL_IPSEC_AES_CCM16;
+			break;
+		default:
+			DPAA2_SEC_ERR("Crypto: Undefined CCM digest %d",
+				      session->digest_length);
+			return -1;
+		}
 		aeaddata->algmode = OP_ALG_AAI_CCM;
 		session->aead_alg = RTE_CRYPTO_AEAD_AES_CCM;
 		break;
@@ -2720,8 +2748,6 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 	struct rte_crypto_aead_xform *aead_xform = NULL;
 	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
 	struct ctxt_priv *priv;
-	struct ipsec_encap_pdb encap_pdb;
-	struct ipsec_decap_pdb decap_pdb;
 	struct alginfo authdata, cipherdata;
 	int bufsize;
 	struct sec_flow_context *flc;
@@ -2761,6 +2787,8 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 		aead_xform = &conf->crypto_xform->aead;
 		ret = dpaa2_sec_ipsec_aead_init(aead_xform,
 					session, &cipherdata);
+		authdata.keylen = 0;
+		authdata.algtype = 0;
 	} else {
 		DPAA2_SEC_ERR("XFORM not specified");
 		ret = -EINVAL;
@@ -2776,10 +2804,22 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 		uint8_t *hdr = NULL;
 		struct ip ip4_hdr;
 		struct rte_ipv6_hdr ip6_hdr;
+		struct ipsec_encap_pdb encap_pdb;
 
 		flc->dhr = SEC_FLC_DHR_OUTBOUND;
 		/* For Sec Proto only one descriptor is required. */
 		memset(&encap_pdb, 0, sizeof(struct ipsec_encap_pdb));
+
+		/* copy algo specific data to PDB */
+		switch (cipherdata.algtype) {
+		case OP_PCL_IPSEC_AES_GCM8:
+		case OP_PCL_IPSEC_AES_GCM12:
+		case OP_PCL_IPSEC_AES_GCM16:
+			memcpy(encap_pdb.gcm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		}
+
 		encap_pdb.options = (IPVERSION << PDBNH_ESP_ENCAP_SHIFT) |
 			PDBOPTS_ESP_OIHI_PDB_INL |
 			PDBOPTS_ESP_IVSRC |
@@ -2836,8 +2876,20 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 				hdr, &cipherdata, &authdata);
 	} else if (ipsec_xform->direction ==
 			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
+		struct ipsec_decap_pdb decap_pdb;
+
 		flc->dhr = SEC_FLC_DHR_INBOUND;
 		memset(&decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
+		/* copy algo specific data to PDB */
+		switch (cipherdata.algtype) {
+		case OP_PCL_IPSEC_AES_GCM8:
+		case OP_PCL_IPSEC_AES_GCM12:
+		case OP_PCL_IPSEC_AES_GCM16:
+			memcpy(decap_pdb.gcm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+			break;
+		}
+
 		decap_pdb.options = (ipsec_xform->tunnel.type ==
 				RTE_SECURITY_IPSEC_TUNNEL_IPV4) ?
 				sizeof(struct ip) << 16 :

From patchwork Wed Nov  6 05:17:25 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62506
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id AC2CEA04A2;
	Wed,  6 Nov 2019 06:21:27 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 6F96D1BFC1;
	Wed,  6 Nov 2019 06:20:52 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id CA4261BF70
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:42 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id AEC011A0625;
 Wed,  6 Nov 2019 06:20:42 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id DF8F41A07BD;
 Wed,  6 Nov 2019 06:20:40 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 194D34030F;
 Wed,  6 Nov 2019 13:20:38 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:25 +0530
Message-Id: <20191106051731.3625-7-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 07/13] crypto/dpaa_sec: add AES-GCM support
	for lookaside case
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch add support for AES-128-GCM, when used in
proto lookaside mode.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 309 ++++++++++++++++++++---------
 1 file changed, 211 insertions(+), 98 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 0ef17ee00..27a31d065 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -382,12 +382,14 @@ dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses)
 	cipherdata.algtype = ses->cipher_key.alg;
 	cipherdata.algmode = ses->cipher_key.algmode;
 
-	authdata.key = (size_t)ses->auth_key.data;
-	authdata.keylen = ses->auth_key.length;
-	authdata.key_enc_flags = 0;
-	authdata.key_type = RTA_DATA_IMM;
-	authdata.algtype = ses->auth_key.alg;
-	authdata.algmode = ses->auth_key.algmode;
+	if (ses->auth_key.length) {
+		authdata.key = (size_t)ses->auth_key.data;
+		authdata.keylen = ses->auth_key.length;
+		authdata.key_enc_flags = 0;
+		authdata.key_type = RTA_DATA_IMM;
+		authdata.algtype = ses->auth_key.alg;
+		authdata.algmode = ses->auth_key.algmode;
+	}
 
 	cdb->sh_desc[0] = cipherdata.keylen;
 	cdb->sh_desc[1] = authdata.keylen;
@@ -2523,33 +2525,76 @@ dpaa_sec_sym_session_clear(struct rte_cryptodev *dev,
 
 #ifdef RTE_LIBRTE_SECURITY
 static int
-dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
-			   struct rte_security_session_conf *conf,
-			   void *sess)
+dpaa_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform,
+			struct rte_security_ipsec_xform *ipsec_xform,
+			dpaa_sec_session *session)
 {
-	struct dpaa_sec_dev_private *internals = dev->data->dev_private;
-	struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec;
-	struct rte_crypto_auth_xform *auth_xform = NULL;
-	struct rte_crypto_cipher_xform *cipher_xform = NULL;
-	dpaa_sec_session *session = (dpaa_sec_session *)sess;
-	uint32_t i;
-
 	PMD_INIT_FUNC_TRACE();
 
-	memset(session, 0, sizeof(dpaa_sec_session));
-	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
-		cipher_xform = &conf->crypto_xform->cipher;
-		if (conf->crypto_xform->next)
-			auth_xform = &conf->crypto_xform->next->auth;
-	} else {
-		auth_xform = &conf->crypto_xform->auth;
-		if (conf->crypto_xform->next)
-			cipher_xform = &conf->crypto_xform->next->cipher;
+	session->aead_key.data = rte_zmalloc(NULL, aead_xform->key.length,
+					       RTE_CACHE_LINE_SIZE);
+	if (session->aead_key.data == NULL && aead_xform->key.length > 0) {
+		DPAA_SEC_ERR("No Memory for aead key");
+		return -1;
 	}
-	session->proto_alg = conf->protocol;
-	session->ctxt = DPAA_SEC_IPSEC;
+	memcpy(session->aead_key.data, aead_xform->key.data,
+	       aead_xform->key.length);
+
+	session->digest_length = aead_xform->digest_length;
+	session->aead_key.length = aead_xform->key.length;
+
+	switch (aead_xform->algo) {
+	case RTE_CRYPTO_AEAD_AES_GCM:
+		switch (session->digest_length) {
+		case 8:
+			session->aead_key.alg = OP_PCL_IPSEC_AES_GCM8;
+			break;
+		case 12:
+			session->aead_key.alg = OP_PCL_IPSEC_AES_GCM12;
+			break;
+		case 16:
+			session->aead_key.alg = OP_PCL_IPSEC_AES_GCM16;
+			break;
+		default:
+			DPAA_SEC_ERR("Crypto: Undefined GCM digest %d",
+				     session->digest_length);
+			return -1;
+		}
+		if (session->dir == DIR_ENC) {
+			memcpy(session->encap_pdb.gcm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+		} else {
+			memcpy(session->decap_pdb.gcm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+		}
+		session->aead_key.algmode = OP_ALG_AAI_GCM;
+		session->aead_alg = RTE_CRYPTO_AEAD_AES_GCM;
+		break;
+		if (session->dir == DIR_ENC) {
+			/* todo CCM salt length is 3 bytes, left shift 8 bits */
+			memcpy(session->encap_pdb.ccm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+		} else {
+			memcpy(session->decap_pdb.ccm.salt,
+				(uint8_t *)&(ipsec_xform->salt), 4);
+		}
+		session->aead_key.algmode = OP_ALG_AAI_CCM;
+		session->aead_alg = RTE_CRYPTO_AEAD_AES_CCM;
+		break;
+	default:
+		DPAA_SEC_ERR("Crypto: Undefined AEAD specified %u",
+			      aead_xform->algo);
+		return -1;
+	}
+	return 0;
+}
 
-	if (cipher_xform && cipher_xform->algo != RTE_CRYPTO_CIPHER_NULL) {
+static int
+dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
+	struct rte_crypto_auth_xform *auth_xform,
+	dpaa_sec_session *session)
+{
+	if (cipher_xform) {
 		session->cipher_key.data = rte_zmalloc(NULL,
 						       cipher_xform->key.length,
 						       RTE_CACHE_LINE_SIZE);
@@ -2558,31 +2603,10 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 			DPAA_SEC_ERR("No Memory for cipher key");
 			return -ENOMEM;
 		}
+
+		session->cipher_key.length = cipher_xform->key.length;
 		memcpy(session->cipher_key.data, cipher_xform->key.data,
 				cipher_xform->key.length);
-		session->cipher_key.length = cipher_xform->key.length;
-
-		switch (cipher_xform->algo) {
-		case RTE_CRYPTO_CIPHER_NULL:
-			session->cipher_key.alg = OP_PCL_IPSEC_NULL;
-			break;
-		case RTE_CRYPTO_CIPHER_AES_CBC:
-			session->cipher_key.alg = OP_PCL_IPSEC_AES_CBC;
-			session->cipher_key.algmode = OP_ALG_AAI_CBC;
-			break;
-		case RTE_CRYPTO_CIPHER_3DES_CBC:
-			session->cipher_key.alg = OP_PCL_IPSEC_3DES;
-			session->cipher_key.algmode = OP_ALG_AAI_CBC;
-			break;
-		case RTE_CRYPTO_CIPHER_AES_CTR:
-			session->cipher_key.alg = OP_PCL_IPSEC_AES_CTR;
-			session->cipher_key.algmode = OP_ALG_AAI_CTR;
-			break;
-		default:
-			DPAA_SEC_ERR("Crypto: Unsupported Cipher alg %u",
-				cipher_xform->algo);
-			goto out;
-		}
 		session->cipher_alg = cipher_xform->algo;
 	} else {
 		session->cipher_key.data = NULL;
@@ -2590,54 +2614,18 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 		session->cipher_alg = RTE_CRYPTO_CIPHER_NULL;
 	}
 
-	if (auth_xform && auth_xform->algo != RTE_CRYPTO_AUTH_NULL) {
+	if (auth_xform) {
 		session->auth_key.data = rte_zmalloc(NULL,
 						auth_xform->key.length,
 						RTE_CACHE_LINE_SIZE);
 		if (session->auth_key.data == NULL &&
 				auth_xform->key.length > 0) {
 			DPAA_SEC_ERR("No Memory for auth key");
-			rte_free(session->cipher_key.data);
 			return -ENOMEM;
 		}
+		session->auth_key.length = auth_xform->key.length;
 		memcpy(session->auth_key.data, auth_xform->key.data,
 				auth_xform->key.length);
-		session->auth_key.length = auth_xform->key.length;
-
-		switch (auth_xform->algo) {
-		case RTE_CRYPTO_AUTH_NULL:
-			session->auth_key.alg = OP_PCL_IPSEC_HMAC_NULL;
-			session->digest_length = 0;
-			break;
-		case RTE_CRYPTO_AUTH_MD5_HMAC:
-			session->auth_key.alg = OP_PCL_IPSEC_HMAC_MD5_96;
-			session->auth_key.algmode = OP_ALG_AAI_HMAC;
-			break;
-		case RTE_CRYPTO_AUTH_SHA1_HMAC:
-			session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA1_96;
-			session->auth_key.algmode = OP_ALG_AAI_HMAC;
-			break;
-		case RTE_CRYPTO_AUTH_SHA224_HMAC:
-			session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA1_160;
-			session->auth_key.algmode = OP_ALG_AAI_HMAC;
-			break;
-		case RTE_CRYPTO_AUTH_SHA256_HMAC:
-			session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_256_128;
-			session->auth_key.algmode = OP_ALG_AAI_HMAC;
-			break;
-		case RTE_CRYPTO_AUTH_SHA384_HMAC:
-			session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_384_192;
-			session->auth_key.algmode = OP_ALG_AAI_HMAC;
-			break;
-		case RTE_CRYPTO_AUTH_SHA512_HMAC:
-			session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_512_256;
-			session->auth_key.algmode = OP_ALG_AAI_HMAC;
-			break;
-		default:
-			DPAA_SEC_ERR("Crypto: Unsupported auth alg %u",
-				auth_xform->algo);
-			goto out;
-		}
 		session->auth_alg = auth_xform->algo;
 	} else {
 		session->auth_key.data = NULL;
@@ -2645,12 +2633,142 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 		session->auth_alg = RTE_CRYPTO_AUTH_NULL;
 	}
 
+	switch (session->auth_alg) {
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA1_96;
+		session->auth_key.algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_MD5_HMAC:
+		session->auth_key.alg = OP_PCL_IPSEC_HMAC_MD5_96;
+		session->auth_key.algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA256_HMAC:
+		session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_256_128;
+		session->auth_key.algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA384_HMAC:
+		session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_384_192;
+		session->auth_key.algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_SHA512_HMAC:
+		session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_512_256;
+		session->auth_key.algmode = OP_ALG_AAI_HMAC;
+		break;
+	case RTE_CRYPTO_AUTH_AES_CMAC:
+		session->auth_key.alg = OP_PCL_IPSEC_AES_CMAC_96;
+		break;
+	case RTE_CRYPTO_AUTH_NULL:
+		session->auth_key.alg = OP_PCL_IPSEC_HMAC_NULL;
+		break;
+	case RTE_CRYPTO_AUTH_SHA224_HMAC:
+	case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+	case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
+	case RTE_CRYPTO_AUTH_SHA1:
+	case RTE_CRYPTO_AUTH_SHA256:
+	case RTE_CRYPTO_AUTH_SHA512:
+	case RTE_CRYPTO_AUTH_SHA224:
+	case RTE_CRYPTO_AUTH_SHA384:
+	case RTE_CRYPTO_AUTH_MD5:
+	case RTE_CRYPTO_AUTH_AES_GMAC:
+	case RTE_CRYPTO_AUTH_KASUMI_F9:
+	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
+	case RTE_CRYPTO_AUTH_ZUC_EIA3:
+		DPAA_SEC_ERR("Crypto: Unsupported auth alg %u",
+			      session->auth_alg);
+		return -1;
+	default:
+		DPAA_SEC_ERR("Crypto: Undefined Auth specified %u",
+			      session->auth_alg);
+		return -1;
+	}
+
+	switch (session->cipher_alg) {
+	case RTE_CRYPTO_CIPHER_AES_CBC:
+		session->cipher_key.alg = OP_PCL_IPSEC_AES_CBC;
+		session->cipher_key.algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_3DES_CBC:
+		session->cipher_key.alg = OP_PCL_IPSEC_3DES;
+		session->cipher_key.algmode = OP_ALG_AAI_CBC;
+		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		session->cipher_key.alg = OP_PCL_IPSEC_AES_CTR;
+		session->cipher_key.algmode = OP_ALG_AAI_CTR;
+		break;
+	case RTE_CRYPTO_CIPHER_NULL:
+		session->cipher_key.alg = OP_PCL_IPSEC_NULL;
+		break;
+	case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+	case RTE_CRYPTO_CIPHER_ZUC_EEA3:
+	case RTE_CRYPTO_CIPHER_3DES_ECB:
+	case RTE_CRYPTO_CIPHER_AES_ECB:
+	case RTE_CRYPTO_CIPHER_KASUMI_F8:
+		DPAA_SEC_ERR("Crypto: Unsupported Cipher alg %u",
+			      session->cipher_alg);
+		return -1;
+	default:
+		DPAA_SEC_ERR("Crypto: Undefined Cipher specified %u",
+			      session->cipher_alg);
+		return -1;
+	}
+
+	return 0;
+}
+
+static int
+dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
+			   struct rte_security_session_conf *conf,
+			   void *sess)
+{
+	struct dpaa_sec_dev_private *internals = dev->data->dev_private;
+	struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec;
+	struct rte_crypto_auth_xform *auth_xform = NULL;
+	struct rte_crypto_cipher_xform *cipher_xform = NULL;
+	struct rte_crypto_aead_xform *aead_xform = NULL;
+	dpaa_sec_session *session = (dpaa_sec_session *)sess;
+	uint32_t i;
+	int ret;
+
+	PMD_INIT_FUNC_TRACE();
+
+	memset(session, 0, sizeof(dpaa_sec_session));
+	session->proto_alg = conf->protocol;
+	session->ctxt = DPAA_SEC_IPSEC;
+
+	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)
+		session->dir = DIR_ENC;
+	else
+		session->dir = DIR_DEC;
+
+	if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
+		cipher_xform = &conf->crypto_xform->cipher;
+		if (conf->crypto_xform->next)
+			auth_xform = &conf->crypto_xform->next->auth;
+		ret = dpaa_sec_ipsec_proto_init(cipher_xform, auth_xform,
+					session);
+	} else if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
+		auth_xform = &conf->crypto_xform->auth;
+		if (conf->crypto_xform->next)
+			cipher_xform = &conf->crypto_xform->next->cipher;
+		ret = dpaa_sec_ipsec_proto_init(cipher_xform, auth_xform,
+					session);
+	} else if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+		aead_xform = &conf->crypto_xform->aead;
+		ret = dpaa_sec_ipsec_aead_init(aead_xform,
+					ipsec_xform, session);
+	} else {
+		DPAA_SEC_ERR("XFORM not specified");
+		ret = -EINVAL;
+		goto out;
+	}
+	if (ret) {
+		DPAA_SEC_ERR("Failed to process xform");
+		goto out;
+	}
+
 	if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
 		if (ipsec_xform->tunnel.type ==
 				RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
-			memset(&session->encap_pdb, 0,
-				sizeof(struct ipsec_encap_pdb) +
-				sizeof(session->ip4_hdr));
 			session->ip4_hdr.ip_v = IPVERSION;
 			session->ip4_hdr.ip_hl = 5;
 			session->ip4_hdr.ip_len = rte_cpu_to_be_16(
@@ -2673,9 +2791,6 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 			session->encap_pdb.ip_hdr_len = sizeof(struct ip);
 		} else if (ipsec_xform->tunnel.type ==
 				RTE_SECURITY_IPSEC_TUNNEL_IPV6) {
-			memset(&session->encap_pdb, 0,
-				sizeof(struct ipsec_encap_pdb) +
-				sizeof(session->ip6_hdr));
 			session->ip6_hdr.vtc_flow = rte_cpu_to_be_32(
 				DPAA_IPv6_DEFAULT_VTC_FLOW |
 				((ipsec_xform->tunnel.ipv6.dscp <<
@@ -2707,10 +2822,9 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 		if (ipsec_xform->options.esn)
 			session->encap_pdb.options |= PDBOPTS_ESP_ESN;
 		session->encap_pdb.spi = ipsec_xform->spi;
-		session->dir = DIR_ENC;
+
 	} else if (ipsec_xform->direction ==
 			RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
-		memset(&session->decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
 		if (ipsec_xform->tunnel.type == RTE_SECURITY_IPSEC_TUNNEL_IPV4)
 			session->decap_pdb.options = sizeof(struct ip) << 16;
 		else
@@ -2718,7 +2832,6 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 					sizeof(struct rte_ipv6_hdr) << 16;
 		if (ipsec_xform->options.esn)
 			session->decap_pdb.options |= PDBOPTS_ESP_ESN;
-		session->dir = DIR_DEC;
 	} else
 		goto out;
 	rte_spinlock_lock(&internals->lock);

From patchwork Wed Nov  6 05:17:26 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62508
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 9C267A04A2;
	Wed,  6 Nov 2019 06:21:45 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 5C8F71BFD4;
	Wed,  6 Nov 2019 06:20:55 +0100 (CET)
Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21])
 by dpdk.org (Postfix) with ESMTP id 952631BF87
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:43 +0100 (CET)
Received: from inva021.nxp.com (localhost [127.0.0.1])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 1C8922005A4;
 Wed,  6 Nov 2019 06:20:43 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 746C9200302;
 Wed,  6 Nov 2019 06:20:41 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 9AF5940285;
 Wed,  6 Nov 2019 13:20:38 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:26 +0530
Message-Id: <20191106051731.3625-8-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 08/13] test/cryptodev: enable additional cases
	for dpaax
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch enables short buffer and 12 bit IV AES-CTR cases
for dpaax_sec pmds.

Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 app/test/test_cryptodev_aes_test_vectors.h | 24 +++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/app/test/test_cryptodev_aes_test_vectors.h b/app/test/test_cryptodev_aes_test_vectors.h
index 54a8082cf..9afa3aef8 100644
--- a/app/test/test_cryptodev_aes_test_vectors.h
+++ b/app/test/test_cryptodev_aes_test_vectors.h
@@ -1605,6 +1605,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_NITROX
 	},
 		{
@@ -1716,6 +1718,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.test_data = &aes_test_data_13,
 		.op_mask = BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX |
 			BLOCKCIPHER_TEST_TARGET_PMD_NITROX |
@@ -1777,6 +1781,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.test_data = &aes_test_data_13,
 		.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX |
 			BLOCKCIPHER_TEST_TARGET_PMD_NITROX |
@@ -1806,6 +1812,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.test_data = &aes_test_data_12,
 		.op_mask = BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX |
 			BLOCKCIPHER_TEST_TARGET_PMD_NITROX |
@@ -1835,6 +1843,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.test_data = &aes_test_data_12,
 		.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_ARMV8 |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
 			BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX |
 			BLOCKCIPHER_TEST_TARGET_PMD_NITROX |
@@ -1954,6 +1964,8 @@ static const struct blockcipher_test_case aes_chain_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN,
 		.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+			BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC |
 			BLOCKCIPHER_TEST_TARGET_PMD_QAT |
 			BLOCKCIPHER_TEST_TARGET_PMD_NITROX
 	},
@@ -2400,7 +2412,9 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX |
-			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX2
+			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX2 |
+				BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+				BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-192-CTR Encryption (12-byte IV)",
@@ -2408,7 +2422,9 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX |
-			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX2
+			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX2 |
+				BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+				BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-256-CTR Encryption (12-byte IV)",
@@ -2416,7 +2432,9 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX |
-			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX2
+			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX2 |
+				BLOCKCIPHER_TEST_TARGET_PMD_DPAA2_SEC |
+				BLOCKCIPHER_TEST_TARGET_PMD_DPAA_SEC
 	},
 	{
 		.test_descr = "AES-128-XTS Encryption (16-byte plaintext)",

From patchwork Wed Nov  6 05:17:27 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62507
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 85E80A04A2;
	Wed,  6 Nov 2019 06:21:36 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 1CC711BFCA;
	Wed,  6 Nov 2019 06:20:54 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id 094AD1BF7A
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:43 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id D740C1A010F;
 Wed,  6 Nov 2019 06:20:42 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 747011A0726;
 Wed,  6 Nov 2019 06:20:41 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 27BD8402DF;
 Wed,  6 Nov 2019 13:20:39 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:27 +0530
Message-Id: <20191106051731.3625-9-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 09/13] crypto/dpaa2_sec: enable warning with
	truncated sha256
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch throw the warning when using truncted digest
len for SHA256 case.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 4 ++++
 drivers/crypto/dpaa_sec/dpaa_sec.c          | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 173ec8095..668832f16 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -2657,6 +2657,10 @@ dpaa2_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_256_128;
 		authdata->algmode = OP_ALG_AAI_HMAC;
+		if (session->digest_length != 16)
+			DPAA2_SEC_WARN(
+			"+++Using sha256-hmac truncated len is non-standard,"
+			"it will not work with lookaside proto");
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_384_192;
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 27a31d065..e729ed7db 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2645,6 +2645,10 @@ dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_256_128;
 		session->auth_key.algmode = OP_ALG_AAI_HMAC;
+		if (session->digest_length != 16)
+			DPAA_SEC_WARN(
+			"+++Using sha256-hmac truncated len is non-standard,"
+			"it will not work with lookaside proto");
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_384_192;

From patchwork Wed Nov  6 05:17:28 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62509
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id DC019A04A2;
	Wed,  6 Nov 2019 06:21:53 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id F251C1BFE4;
	Wed,  6 Nov 2019 06:20:56 +0100 (CET)
Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21])
 by dpdk.org (Postfix) with ESMTP id A80811BF8F
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:44 +0100 (CET)
Received: from inva021.nxp.com (localhost [127.0.0.1])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 6A3362005A2;
 Wed,  6 Nov 2019 06:20:44 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 059AC2005A1;
 Wed,  6 Nov 2019 06:20:43 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id A8136402E5;
 Wed,  6 Nov 2019 13:20:39 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:28 +0530
Message-Id: <20191106051731.3625-10-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 10/13] crypto/dpaa2_sec: remove unwanted
	context type check
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

From: Gagandeep Singh <g.singh@nxp.com>

This patch remove redundant checks.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 668832f16..96753caad 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1582,18 +1582,13 @@ sec_fd_to_mbuf(const struct qbman_fd *fd)
 
 #ifdef RTE_LIBRTE_SECURITY
 	if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {
-		dpaa2_sec_session *sess = (dpaa2_sec_session *)
-			get_sec_session_private_data(op->sym->sec_session);
-		if (sess->ctxt_type == DPAA2_SEC_IPSEC ||
-				sess->ctxt_type == DPAA2_SEC_PDCP) {
-			uint16_t len = DPAA2_GET_FD_LEN(fd);
-			dst->pkt_len = len;
-			while (dst->next != NULL) {
-				len -= dst->data_len;
-				dst = dst->next;
-			}
-			dst->data_len = len;
+		uint16_t len = DPAA2_GET_FD_LEN(fd);
+		dst->pkt_len = len;
+		while (dst->next != NULL) {
+			len -= dst->data_len;
+			dst = dst->next;
 		}
+		dst->data_len = len;
 	}
 #endif
 	DPAA2_SEC_DP_DEBUG("mbuf %p BMAN buf addr %p,"

From patchwork Wed Nov  6 05:17:29 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62511
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 8483FA04A2;
	Wed,  6 Nov 2019 06:22:09 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id A454B1BFF7;
	Wed,  6 Nov 2019 06:20:59 +0100 (CET)
Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21])
 by dpdk.org (Postfix) with ESMTP id C7F771BF96
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:44 +0100 (CET)
Received: from inva021.nxp.com (localhost [127.0.0.1])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 69AE3200334;
 Wed,  6 Nov 2019 06:20:44 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 0583B20058D;
 Wed,  6 Nov 2019 06:20:43 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 3DE7240314;
 Wed,  6 Nov 2019 13:20:40 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:29 +0530
Message-Id: <20191106051731.3625-11-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 11/13] crypto/dpaa_sec: use macros in queue
	attach and detach
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

From: Gagandeep Singh <g.singh@nxp.com>

Align the cleanup and allocation for the queues.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/crypto/dpaa_sec/dpaa_sec.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index e729ed7db..990708de4 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2303,7 +2303,7 @@ dpaa_sec_attach_rxq(struct dpaa_sec_dev_private *qi)
 {
 	unsigned int i;
 
-	for (i = 0; i < qi->max_nb_sessions * MAX_DPAA_CORES; i++) {
+	for (i = 0; i < RTE_DPAA_MAX_RX_QUEUE; i++) {
 		if (qi->inq_attach[i] == 0) {
 			qi->inq_attach[i] = 1;
 			return &qi->inq[i];
@@ -2319,9 +2319,10 @@ dpaa_sec_detach_rxq(struct dpaa_sec_dev_private *qi, struct qman_fq *fq)
 {
 	unsigned int i;
 
-	for (i = 0; i < qi->max_nb_sessions; i++) {
+	for (i = 0; i < RTE_DPAA_MAX_RX_QUEUE; i++) {
 		if (&qi->inq[i] == fq) {
-			qman_retire_fq(fq, NULL);
+			if (qman_retire_fq(fq, NULL) != 0)
+				DPAA_SEC_WARN("Queue is not retired\n");
 			qman_oos_fq(fq);
 			qi->inq_attach[i] = 0;
 			return 0;
@@ -3408,7 +3409,7 @@ dpaa_sec_dev_init(struct rte_cryptodev *cryptodev)
 
 	flags = QMAN_FQ_FLAG_LOCKED | QMAN_FQ_FLAG_DYNAMIC_FQID |
 		QMAN_FQ_FLAG_TO_DCPORTAL;
-	for (i = 0; i < MAX_DPAA_CORES * internals->max_nb_sessions; i++) {
+	for (i = 0; i < RTE_DPAA_MAX_RX_QUEUE; i++) {
 		/* create rx qman fq for sessions*/
 		ret = qman_create_fq(0, flags, &internals->inq[i]);
 		if (unlikely(ret != 0)) {

From patchwork Wed Nov  6 05:17:30 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62510
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id EFF42A04A2;
	Wed,  6 Nov 2019 06:22:00 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 39DA21BFF1;
	Wed,  6 Nov 2019 06:20:58 +0100 (CET)
Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13])
 by dpdk.org (Postfix) with ESMTP id 6F4391BF89
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:44 +0100 (CET)
Received: from inva020.nxp.com (localhost [127.0.0.1])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 52A8E1A010F;
 Wed,  6 Nov 2019 06:20:44 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id B42B11A0795;
 Wed,  6 Nov 2019 06:20:42 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id BE71A40318;
 Wed,  6 Nov 2019 13:20:40 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:30 +0530
Message-Id: <20191106051731.3625-12-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 12/13] crypto/dpaa2_sec: use aes-ctr initial
	counter as 1
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

From: Vakul Garg <vakul.garg@nxp.com>

As per RFC3686, the initial aes-ctr counter value should be '1' for use
in ipsec. The patches changes SEC descriptor for using correct counter
value. In addition, it drops a redundant parameter for passing IV while
creating the descriptor.

Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/algo.h   | 21 +++++++++++++--------
 drivers/crypto/caam_jr/caam_jr.c            |  1 -
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c |  8 ++++----
 drivers/crypto/dpaa_sec/dpaa_sec.c          |  1 -
 4 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/drivers/common/dpaax/caamflib/desc/algo.h b/drivers/common/dpaax/caamflib/desc/algo.h
index 83dbb80ce..345bb5b3f 100644
--- a/drivers/common/dpaax/caamflib/desc/algo.h
+++ b/drivers/common/dpaax/caamflib/desc/algo.h
@@ -289,12 +289,12 @@ cnstr_shdsc_snow_f9(uint32_t *descbuf, bool ps, bool swap,
 static inline int
 cnstr_shdsc_blkcipher(uint32_t *descbuf, bool ps, bool swap,
 		      enum rta_share_type share,
-		      struct alginfo *cipherdata, uint8_t *iv,
+		      struct alginfo *cipherdata,
 		      uint32_t ivlen, uint8_t dir)
 {
 	struct program prg;
 	struct program *p = &prg;
-	uint32_t iv_off = 0;
+	uint32_t iv_off = 0, counter;
 	const bool need_dk = (dir == DIR_DEC) &&
 			     (cipherdata->algtype == OP_ALG_ALGSEL_AES) &&
 			     (cipherdata->algmode == OP_ALG_AAI_CBC);
@@ -336,12 +336,17 @@ cnstr_shdsc_blkcipher(uint32_t *descbuf, bool ps, bool swap,
 	if (cipherdata->algmode == OP_ALG_AAI_CTR)
 		iv_off = 16;
 
-	if (iv)
-		/* IV load, convert size */
-		LOAD(p, (uintptr_t)iv, CONTEXT1, iv_off, ivlen, IMMED | COPY);
-	else
-		/* IV is present first before the actual message */
-		SEQLOAD(p, CONTEXT1, iv_off, ivlen, 0);
+	/* IV is present first before the actual message */
+	SEQLOAD(p, CONTEXT1, iv_off, ivlen, 0);
+
+	/* If IV len is less than 16 bytes, set 'counter' as 1 */
+	if (cipherdata->algmode == OP_ALG_AAI_CTR && ivlen < 16) {
+		counter = 1;
+		if (!swap)
+			counter = swab32(1);
+
+		LOAD(p, counter, CONTEXT1, (iv_off + ivlen), 16 - ivlen, IMMED);
+	}
 
 	MATHB(p, SEQINSZ, SUB, MATH2, VSEQINSZ, 4, 0);
 	MATHB(p, SEQINSZ, SUB, MATH2, VSEQOUTSZ, 4, 0);
diff --git a/drivers/crypto/caam_jr/caam_jr.c b/drivers/crypto/caam_jr/caam_jr.c
index d1da9a64c..8aaa3d45f 100644
--- a/drivers/crypto/caam_jr/caam_jr.c
+++ b/drivers/crypto/caam_jr/caam_jr.c
@@ -336,7 +336,6 @@ caam_jr_prep_cdb(struct caam_jr_session *ses)
 		shared_desc_len = cnstr_shdsc_blkcipher(
 						cdb->sh_desc, true,
 						swap, SHR_NEVER, &alginfo_c,
-						NULL,
 						ses->iv.length,
 						ses->dir);
 	} else if (is_auth_only(ses)) {
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 96753caad..46925be5f 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -1858,7 +1858,7 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 		cipherdata.algmode = OP_ALG_AAI_CBC;
 		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC;
 		bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0,
-						SHR_NEVER, &cipherdata, NULL,
+						SHR_NEVER, &cipherdata,
 						session->iv.length,
 						session->dir);
 		break;
@@ -1867,7 +1867,7 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 		cipherdata.algmode = OP_ALG_AAI_CBC;
 		session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC;
 		bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0,
-						SHR_NEVER, &cipherdata, NULL,
+						SHR_NEVER, &cipherdata,
 						session->iv.length,
 						session->dir);
 		break;
@@ -1876,7 +1876,7 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 		cipherdata.algmode = OP_ALG_AAI_CTR;
 		session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR;
 		bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0,
-						SHR_NEVER, &cipherdata, NULL,
+						SHR_NEVER, &cipherdata,
 						session->iv.length,
 						session->dir);
 		break;
@@ -1885,7 +1885,7 @@ dpaa2_sec_cipher_init(struct rte_cryptodev *dev,
 		cipherdata.algmode = OP_ALG_AAI_CTR;
 		session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CTR;
 		bufsize = cnstr_shdsc_blkcipher(priv->flc_desc[0].desc, 1, 0,
-						SHR_NEVER, &cipherdata, NULL,
+						SHR_NEVER, &cipherdata,
 						session->iv.length,
 						session->dir);
 		break;
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 990708de4..2c1915fec 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -478,7 +478,6 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
 			shared_desc_len = cnstr_shdsc_blkcipher(
 					cdb->sh_desc, true,
 					swap, SHR_NEVER, &alginfo_c,
-					NULL,
 					ses->iv.length,
 					ses->dir);
 			break;

From patchwork Wed Nov  6 05:17:31 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hemant Agrawal <hemant.agrawal@nxp.com>
X-Patchwork-Id: 62512
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id E0881A04A2;
	Wed,  6 Nov 2019 06:22:22 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id DF28C1C014;
	Wed,  6 Nov 2019 06:21:01 +0100 (CET)
Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21])
 by dpdk.org (Postfix) with ESMTP id 420691BF8F
 for <dev@dpdk.org>; Wed,  6 Nov 2019 06:20:45 +0100 (CET)
Received: from inva021.nxp.com (localhost [127.0.0.1])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 2316020059D;
 Wed,  6 Nov 2019 06:20:45 +0100 (CET)
Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com
 [165.114.16.14])
 by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 7F483200302;
 Wed,  6 Nov 2019 06:20:43 +0100 (CET)
Received: from bf-netperf1.ap.freescale.net (bf-netperf1.ap.freescale.net
 [10.232.133.63])
 by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 4B616402A9;
 Wed,  6 Nov 2019 13:20:41 +0800 (SGT)
From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com
Date: Wed,  6 Nov 2019 10:47:31 +0530
Message-Id: <20191106051731.3625-13-hemant.agrawal@nxp.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20191106051731.3625-1-hemant.agrawal@nxp.com>
References: <20191101175141.4663-1-hemant.agrawal@nxp.com>
 <20191106051731.3625-1-hemant.agrawal@nxp.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: [dpdk-dev] [PATCH v3 13/13] crypto/dpaa_sec: enable ipsec aes-ctr
	to use nonce
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

From: Vakul Garg <vakul.garg@nxp.com>

The protocol aware ipsec descriptor has been modified to
use ctr_initial value of 1 and salt configured for ipsec SA.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/ipsec.h  | 18 ++++++++----------
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c |  8 ++++++++
 drivers/crypto/dpaa_sec/dpaa_sec.c          | 12 ++++++++++--
 3 files changed, 26 insertions(+), 12 deletions(-)

diff --git a/drivers/common/dpaax/caamflib/desc/ipsec.h b/drivers/common/dpaax/caamflib/desc/ipsec.h
index f33c68cc9..cf6fa4252 100644
--- a/drivers/common/dpaax/caamflib/desc/ipsec.h
+++ b/drivers/common/dpaax/caamflib/desc/ipsec.h
@@ -256,14 +256,14 @@ struct ipsec_encap_cbc {
 
 /**
  * struct ipsec_encap_ctr - PDB part for IPsec CTR encapsulation
- * @ctr_nonce: 4-byte array nonce
+ * @ctr_nonce: 4-byte nonce
  * @ctr_initial: initial count constant
  * @iv: initialization vector
  */
 struct ipsec_encap_ctr {
-	uint8_t ctr_nonce[4];
+	uint32_t ctr_nonce;
 	uint32_t ctr_initial;
-	uint64_t iv;
+	uint8_t iv[8];
 };
 
 /**
@@ -346,10 +346,9 @@ __rta_copy_ipsec_encap_pdb(struct program *program,
 		break;
 
 	case OP_PCL_IPSEC_AES_CTR:
-		rta_copy_data(program, pdb->ctr.ctr_nonce,
-			      sizeof(pdb->ctr.ctr_nonce));
+		rta_copy_data(program, (uint8_t *)&pdb->ctr.ctr_nonce, 4);
 		__rta_out32(program, pdb->ctr.ctr_initial);
-		__rta_out64(program, true, pdb->ctr.iv);
+		rta_copy_data(program, pdb->ctr.iv, sizeof(pdb->ctr.iv));
 		break;
 
 	case OP_PCL_IPSEC_AES_CCM8:
@@ -386,11 +385,11 @@ struct ipsec_decap_cbc {
 
 /**
  * struct ipsec_decap_ctr - PDB part for IPsec CTR decapsulation
- * @ctr_nonce: 4-byte array nonce
+ * @ctr_nonce: 4-byte nonce
  * @ctr_initial: initial count constant
  */
 struct ipsec_decap_ctr {
-	uint8_t ctr_nonce[4];
+	uint32_t ctr_nonce;
 	uint32_t ctr_initial;
 };
 
@@ -464,8 +463,7 @@ __rta_copy_ipsec_decap_pdb(struct program *program,
 		break;
 
 	case OP_PCL_IPSEC_AES_CTR:
-		rta_copy_data(program, pdb->ctr.ctr_nonce,
-			      sizeof(pdb->ctr.ctr_nonce));
+		rta_copy_data(program, (uint8_t *)&pdb->ctr.ctr_nonce, 4);
 		__rta_out32(program, pdb->ctr.ctr_initial);
 		break;
 
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 46925be5f..555730519 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -2811,6 +2811,10 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 
 		/* copy algo specific data to PDB */
 		switch (cipherdata.algtype) {
+		case OP_PCL_IPSEC_AES_CTR:
+			encap_pdb.ctr.ctr_initial = 0x00000001;
+			encap_pdb.ctr.ctr_nonce = ipsec_xform->salt;
+			break;
 		case OP_PCL_IPSEC_AES_GCM8:
 		case OP_PCL_IPSEC_AES_GCM12:
 		case OP_PCL_IPSEC_AES_GCM16:
@@ -2881,6 +2885,10 @@ dpaa2_sec_set_ipsec_session(struct rte_cryptodev *dev,
 		memset(&decap_pdb, 0, sizeof(struct ipsec_decap_pdb));
 		/* copy algo specific data to PDB */
 		switch (cipherdata.algtype) {
+		case OP_PCL_IPSEC_AES_CTR:
+			decap_pdb.ctr.ctr_initial = 0x00000001;
+			decap_pdb.ctr.ctr_nonce = ipsec_xform->salt;
+			break;
 		case OP_PCL_IPSEC_AES_GCM8:
 		case OP_PCL_IPSEC_AES_GCM12:
 		case OP_PCL_IPSEC_AES_GCM16:
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index 2c1915fec..b0fa74540 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -2592,6 +2592,7 @@ dpaa_sec_ipsec_aead_init(struct rte_crypto_aead_xform *aead_xform,
 static int
 dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
 	struct rte_crypto_auth_xform *auth_xform,
+	struct rte_security_ipsec_xform *ipsec_xform,
 	dpaa_sec_session *session)
 {
 	if (cipher_xform) {
@@ -2698,6 +2699,13 @@ dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
 	case RTE_CRYPTO_CIPHER_AES_CTR:
 		session->cipher_key.alg = OP_PCL_IPSEC_AES_CTR;
 		session->cipher_key.algmode = OP_ALG_AAI_CTR;
+		if (session->dir == DIR_ENC) {
+			session->encap_pdb.ctr.ctr_initial = 0x00000001;
+			session->encap_pdb.ctr.ctr_nonce = ipsec_xform->salt;
+		} else {
+			session->decap_pdb.ctr.ctr_initial = 0x00000001;
+			session->decap_pdb.ctr.ctr_nonce = ipsec_xform->salt;
+		}
 		break;
 	case RTE_CRYPTO_CIPHER_NULL:
 		session->cipher_key.alg = OP_PCL_IPSEC_NULL;
@@ -2749,13 +2757,13 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev,
 		if (conf->crypto_xform->next)
 			auth_xform = &conf->crypto_xform->next->auth;
 		ret = dpaa_sec_ipsec_proto_init(cipher_xform, auth_xform,
-					session);
+					ipsec_xform, session);
 	} else if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
 		auth_xform = &conf->crypto_xform->auth;
 		if (conf->crypto_xform->next)
 			cipher_xform = &conf->crypto_xform->next->cipher;
 		ret = dpaa_sec_ipsec_proto_init(cipher_xform, auth_xform,
-					session);
+					ipsec_xform, session);
 	} else if (conf->crypto_xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		aead_xform = &conf->crypto_xform->aead;
 		ret = dpaa_sec_ipsec_aead_init(aead_xform,