crypto/qat: fix build when no openssl exists
Checks
Commit Message
Previously some compilation errors existed when no openssl
was installed on the system, and intel-ipsec-mb was installed,
due to missing headers and macros.
This patch fixes the issue by adding in extra ifdefs around openssl
specific code paths, and by adding the relevant macros explicitly
in QAT code so it does not depend on openssl at all.
Fixes: ca0ba0e48129 ("crypto/qat: default to IPsec MB for computations")
Cc: brian.dooley@intel.com
Cc: stable@dpdk.org
Signed-off-by: Ciara Power <ciara.power@intel.com>
---
drivers/crypto/qat/dev/qat_crypto_pmd_gens.h | 2 ++
drivers/crypto/qat/qat_sym.c | 2 ++
drivers/crypto/qat/qat_sym.h | 6 ++++--
drivers/crypto/qat/qat_sym_session.c | 13 ++++++-------
drivers/crypto/qat/qat_sym_session.h | 3 +++
5 files changed, 17 insertions(+), 9 deletions(-)
Comments
Acked-by: Kai Ji <kai.ji@intel.com<mailto:kai.ji@intel.com>>
> Previously some compilation errors existed when no openssl
> was installed on the system, and intel-ipsec-mb was installed,
> due to missing headers and macros.
>
> This patch fixes the issue by adding in extra ifdefs around openssl
> specific code paths, and by adding the relevant macros explicitly
> in QAT code so it does not depend on openssl at all.
>
> Fixes: ca0ba0e48129 ("crypto/qat: default to IPsec MB for computations")
> Cc: brian.dooley@intel.com
> Cc: stable@dpdk.org
>
> Signed-off-by: Ciara Power <ciara.power@intel.com>
Applied to dpdk-next-crypto
Thanks.
Hi Ciara,
> -----Original Message-----
> From: Power, Ciara <ciara.power@intel.com>
> Sent: Friday, October 27, 2023 3:23 PM
> To: dev@dpdk.org
> Cc: Power, Ciara <ciara.power@intel.com>; Dooley, Brian
> <brian.dooley@intel.com>; stable@dpdk.org; Ji, Kai <kai.ji@intel.com>
> Subject: [PATCH] crypto/qat: fix build when no openssl exists
>
> Previously some compilation errors existed when no openssl was installed on
> the system, and intel-ipsec-mb was installed, due to missing headers and
> macros.
>
> This patch fixes the issue by adding in extra ifdefs around openssl specific code
> paths, and by adding the relevant macros explicitly in QAT code so it does not
> depend on openssl at all.
>
> Fixes: ca0ba0e48129 ("crypto/qat: default to IPsec MB for computations")
> Cc: brian.dooley@intel.com
> Cc: stable@dpdk.org
>
> Signed-off-by: Ciara Power <ciara.power@intel.com>
Thanks!
Acked-by: Brian Dooley <brian.dooley@intel.com>
@@ -24,6 +24,7 @@
(ICP_QAT_FW_COMN_STATUS_FLAG_OK == \
ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(resp->comn_hdr.comn_status))
+#ifdef RTE_QAT_OPENSSL
static __rte_always_inline int
op_bpi_cipher_decrypt(uint8_t *src, uint8_t *dst,
uint8_t *iv, int ivlen, int srclen,
@@ -48,6 +49,7 @@ op_bpi_cipher_decrypt(uint8_t *src, uint8_t *dst,
QAT_DP_LOG(ERR, "libcrypto ECB cipher decrypt for BPI IV failed");
return -EINVAL;
}
+#endif
static __rte_always_inline uint32_t
qat_bpicipher_preprocess(struct qat_sym_session *ctx,
@@ -2,7 +2,9 @@
* Copyright(c) 2015-2023 Intel Corporation
*/
+#ifdef RTE_QAT_OPENSSL
#include <openssl/evp.h>
+#endif
#include <rte_mempool.h>
#include <rte_mbuf.h>
@@ -9,7 +9,9 @@
#include <rte_net_crc.h>
#ifdef BUILD_QAT_SYM
+#ifdef RTE_QAT_OPENSSL
#include <openssl/evp.h>
+#endif
#include <rte_security_driver.h>
#include "qat_common.h"
@@ -133,6 +135,7 @@ uint16_t
qat_sym_dequeue_burst(void *qp, struct rte_crypto_op **ops,
uint16_t nb_ops);
+#ifdef RTE_QAT_OPENSSL
/** Encrypt a single partial block
* Depends on openssl libcrypto
* Uses ECB+XOR to do CFB encryption, same result, more performant
@@ -161,8 +164,7 @@ bpi_cipher_encrypt(uint8_t *src, uint8_t *dst,
QAT_DP_LOG(ERR, "libcrypto ECB cipher encrypt failed");
return -EINVAL;
}
-
-#ifndef RTE_QAT_OPENSSL
+#else
static __rte_always_inline void
bpi_cipher_ipsec(uint8_t *src, uint8_t *dst, uint8_t *iv, int srclen,
uint64_t *expkey, IMB_MGR *m, uint8_t docsis_key_len)
@@ -4,10 +4,12 @@
#define OPENSSL_API_COMPAT 0x10100000L
+#ifdef RTE_QAT_OPENSSL
#include <openssl/sha.h> /* Needed to calculate pre-compute values */
#include <openssl/aes.h> /* Needed to calculate pre-compute values */
#include <openssl/md5.h> /* Needed to calculate pre-compute values */
#include <openssl/evp.h> /* Needed for bpi runt block processing */
+#endif
#ifndef RTE_QAT_OPENSSL
#ifndef RTE_ARCH_ARM
@@ -1272,24 +1274,21 @@ static int qat_hash_get_block_size(enum icp_qat_hw_auth_algo qat_hash_alg)
{
switch (qat_hash_alg) {
case ICP_QAT_HW_AUTH_ALGO_SHA1:
- return SHA_CBLOCK;
case ICP_QAT_HW_AUTH_ALGO_SHA224:
- return SHA256_CBLOCK;
case ICP_QAT_HW_AUTH_ALGO_SHA256:
- return SHA256_CBLOCK;
+ return QAT_SHA_CBLOCK;
case ICP_QAT_HW_AUTH_ALGO_SHA384:
- return SHA512_CBLOCK;
case ICP_QAT_HW_AUTH_ALGO_SHA512:
- return SHA512_CBLOCK;
+ return QAT_SHA512_CBLOCK;
case ICP_QAT_HW_AUTH_ALGO_GALOIS_128:
return 16;
case ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC:
return ICP_QAT_HW_AES_BLK_SZ;
case ICP_QAT_HW_AUTH_ALGO_MD5:
- return MD5_CBLOCK;
+ return QAT_MD5_CBLOCK;
case ICP_QAT_HW_AUTH_ALGO_DELIMITER:
/* return maximum block size in this case */
- return SHA512_CBLOCK;
+ return QAT_SHA512_CBLOCK;
case ICP_QAT_HW_AUTH_ALGO_SM3:
return QAT_SM3_BLOCK_SIZE;
default:
@@ -69,6 +69,9 @@
(!!((flags) & (flag)))
#define QAT_SM3_BLOCK_SIZE 64
+#define QAT_SHA_CBLOCK 64
+#define QAT_SHA512_CBLOCK 128
+#define QAT_MD5_CBLOCK 64
enum qat_sym_proto_flag {
QAT_CRYPTO_PROTO_FLAG_NONE = 0,