diff mbox series

[1/7] crypto/cnxk: return error for unsupported paths

Message ID	20230428144647.1072-2-ktejasree@marvell.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Tejasree Kondoj <ktejasree@marvell.com> To: Akhil Goyal <gakhil@marvell.com> CC: Anoob Joseph <anoobj@marvell.com>, Jerin Jacob <jerinj@marvell.com>, Aakash Sasidharan <asasidharan@marvell.com>, Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>, Vidya Sagar Velumuri <vvelumuri@marvell.com>, <dev@dpdk.org> Subject: [PATCH 1/7] crypto/cnxk: return error for unsupported paths Date: Fri, 28 Apr 2023 20:16:41 +0530 Message-ID: <20230428144647.1072-2-ktejasree@marvell.com> In-Reply-To: <20230428144647.1072-1-ktejasree@marvell.com> References: <20230428144647.1072-1-ktejasree@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	fixes and improvements to CNXK crypto PMD \| [0/7] fixes and improvements to CNXK crypto PMD [1/7] crypto/cnxk: return error for unsupported paths [2/7] crypto/cnxk: add cryptodev reconfiguration support [3/7] crypto/cnxk: add CN10K pdcp chain support [4/7] crypto/cnxk: support SM3 hash [5/7] crypto/cnxk: set local variables to template value [6/7] crypto/cnxk: increase max segments [7/7] crypto/cnxk: remove redundant assignment

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Tejasree Kondoj April 28, 2023, 2:46 p.m. UTC

  Returning error in control path for unsupported
algorithm combinations.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 drivers/common/cnxk/roc_se.c             | 12 +++++++++---
 drivers/crypto/cnxk/cnxk_cryptodev_ops.c |  5 +++++
 2 files changed, 14 insertions(+), 3 deletions(-)

diff mbox series

Patch

diff --git a/drivers/common/cnxk/roc_se.c b/drivers/common/cnxk/roc_se.c
index 5a894013a6..aad2b513c7 100644
--- a/drivers/common/cnxk/roc_se.c
+++ b/drivers/common/cnxk/roc_se.c
@@ -329,6 +329,11 @@  roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
 		if (!key_len)
 			return -1;
 
+		if (se_ctx->fc_type == ROC_SE_FC_GEN) {
+			plt_err("Cipher and Auth algorithm combination is not supported");
+			return -1;
+		}
+
 		if (roc_model_is_cn9k()) {
 			ci_key = zs_ctx->zuc.onk_ctx.ci_key;
 			zuc_const = zs_ctx->zuc.onk_ctx.zuc_const;
@@ -454,12 +459,13 @@  roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
 		return 0;
 	}
 
-	if (!se_ctx->fc_type ||
-	    (type && type != ROC_SE_GMAC_TYPE && !se_ctx->enc_cipher))
+	if (!se_ctx->fc_type || (type && type != ROC_SE_GMAC_TYPE && !se_ctx->enc_cipher))
 		se_ctx->fc_type = ROC_SE_HASH_HMAC;
 
-	if (se_ctx->fc_type == ROC_SE_FC_GEN && key_len > 64)
+	if (se_ctx->fc_type == ROC_SE_FC_GEN && key_len > 64) {
+		plt_err("Maximum auth key length supported is 64");
 		return -1;
+	}
 
 	/* For GMAC auth, cipher must be NULL */
 	if (type == ROC_SE_GMAC_TYPE) {
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index 86efe75cc3..0f59a6c99c 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -551,6 +551,11 @@  cnxk_sess_fill(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xform,
 		return -EINVAL;
 	}
 
+	if (c_xfrm->cipher.algo == RTE_CRYPTO_CIPHER_AES_XTS) {
+		plt_err("AES XTS with auth algorithm is not supported");
+		return -ENOTSUP;
+	}
+
 	if (c_xfrm->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC &&
 	    a_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA1) {
 		plt_dp_err("3DES-CBC + SHA1 is not supported");