[v4,1/2] crypto/ipsec_mb: bump minimum IPsec Multi-buffer version
Checks
Commit Message
SW PMDs increment IPsec Multi-buffer version to 1.4.
A minimum IPsec Multi-buffer version of 1.4 or greater is now required.
Signed-off-by: Sivaramakrishnan Venkat <venkatx.sivaramakrishnan@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v4:
- 24.03 release notes updated to bump minimum IPSec Multi-buffer
version to 1.4 for SW PMDs.
v2:
- Removed unused macro in ipsec_mb_ops.c
- set_gcm_job() modified correctly to keep multi_sgl_job line
- Updated SW PMDs documentation for minimum IPSec Multi-buffer version
- Updated commit message, and patch title.
---
doc/guides/cryptodevs/aesni_gcm.rst | 3 +-
doc/guides/cryptodevs/aesni_mb.rst | 3 +-
doc/guides/cryptodevs/chacha20_poly1305.rst | 3 +-
doc/guides/cryptodevs/kasumi.rst | 3 +-
doc/guides/cryptodevs/snow3g.rst | 3 +-
doc/guides/cryptodevs/zuc.rst | 3 +-
doc/guides/rel_notes/release_24_03.rst | 4 +
drivers/crypto/ipsec_mb/ipsec_mb_ops.c | 23 ---
drivers/crypto/ipsec_mb/meson.build | 2 +-
drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 165 --------------------
drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h | 9 --
11 files changed, 17 insertions(+), 204 deletions(-)
Comments
> Subject: [PATCH v4 1/2] crypto/ipsec_mb: bump minimum IPsec Multi-buffer
> version
>
> SW PMDs increment IPsec Multi-buffer version to 1.4.
> A minimum IPsec Multi-buffer version of 1.4 or greater is now required.
>
> Signed-off-by: Sivaramakrishnan Venkat
> <venkatx.sivaramakrishnan@intel.com>
> Acked-by: Ciara Power <ciara.power@intel.com>
> Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
> ---
> v4:
> - 24.03 release notes updated to bump minimum IPSec Multi-buffer
> version to 1.4 for SW PMDs.
> v2:
> - Removed unused macro in ipsec_mb_ops.c
> - set_gcm_job() modified correctly to keep multi_sgl_job line
> - Updated SW PMDs documentation for minimum IPSec Multi-buffer
> version
> - Updated commit message, and patch title.
> ---
> doc/guides/cryptodevs/aesni_gcm.rst | 3 +-
> doc/guides/cryptodevs/aesni_mb.rst | 3 +-
> doc/guides/cryptodevs/chacha20_poly1305.rst | 3 +-
> doc/guides/cryptodevs/kasumi.rst | 3 +-
> doc/guides/cryptodevs/snow3g.rst | 3 +-
> doc/guides/cryptodevs/zuc.rst | 3 +-
> doc/guides/rel_notes/release_24_03.rst | 4 +
> drivers/crypto/ipsec_mb/ipsec_mb_ops.c | 23 ---
> drivers/crypto/ipsec_mb/meson.build | 2 +-
> drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 165 --------------------
> drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h | 9 --
> 11 files changed, 17 insertions(+), 204 deletions(-)
>
> diff --git a/doc/guides/cryptodevs/aesni_gcm.rst
> b/doc/guides/cryptodevs/aesni_gcm.rst
> index f5773426ee..dc665e536c 100644
> --- a/doc/guides/cryptodevs/aesni_gcm.rst
> +++ b/doc/guides/cryptodevs/aesni_gcm.rst
> @@ -85,7 +85,8 @@ and the external crypto libraries supported by them:
> 18.05 - 19.02 Multi-buffer library 0.49 - 0.52
> 19.05 - 20.08 Multi-buffer library 0.52 - 0.55
> 20.11 - 21.08 Multi-buffer library 0.53 - 1.3*
> - 21.11+ Multi-buffer library 1.0 - 1.5*
> + 21.11 - 23.11 Multi-buffer library 1.0 - 1.5*
> + 24.03+ Multi-buffer library 1.4 - 1.5*
> ============= ================================
>
> \* Multi-buffer library 1.0 or newer only works for Meson but not Make build
> system.
> diff --git a/doc/guides/cryptodevs/aesni_mb.rst
> b/doc/guides/cryptodevs/aesni_mb.rst
> index b2e74ba417..5d670ee237 100644
> --- a/doc/guides/cryptodevs/aesni_mb.rst
> +++ b/doc/guides/cryptodevs/aesni_mb.rst
> @@ -146,7 +146,8 @@ and the Multi-Buffer library version supported by
> them:
> 19.05 - 19.08 0.52
> 19.11 - 20.08 0.52 - 0.55
> 20.11 - 21.08 0.53 - 1.3*
> - 21.11+ 1.0 - 1.5*
> + 21.11 - 23.11 1.0 - 1.5*
> + 24.03+ 1.4 - 1.5*
> ============== ============================
>
> \* Multi-buffer library 1.0 or newer only works for Meson but not Make build
> system.
> diff --git a/doc/guides/cryptodevs/chacha20_poly1305.rst
> b/doc/guides/cryptodevs/chacha20_poly1305.rst
> index 9d4bf86cf1..c32866b301 100644
> --- a/doc/guides/cryptodevs/chacha20_poly1305.rst
> +++ b/doc/guides/cryptodevs/chacha20_poly1305.rst
> @@ -72,7 +72,8 @@ and the external crypto libraries supported by them:
> ============= ================================
> DPDK version Crypto library version
> ============= ================================
> - 21.11+ Multi-buffer library 1.0-1.5*
> + 21.11 - 23.11 Multi-buffer library 1.0-1.5*
> + 24.03+ Multi-buffer library 1.4-1.5*
> ============= ================================
>
> \* Multi-buffer library 1.0 or newer only works for Meson but not Make build
> system.
> diff --git a/doc/guides/cryptodevs/kasumi.rst
> b/doc/guides/cryptodevs/kasumi.rst
> index 0989054875..a8f4e6b204 100644
> --- a/doc/guides/cryptodevs/kasumi.rst
> +++ b/doc/guides/cryptodevs/kasumi.rst
> @@ -87,7 +87,8 @@ and the external crypto libraries supported by them:
> ============= ================================
> 16.11 - 19.11 LibSSO KASUMI
> 20.02 - 21.08 Multi-buffer library 0.53 - 1.3*
> - 21.11+ Multi-buffer library 1.0 - 1.5*
> + 21.11 - 23.11 Multi-buffer library 1.0 - 1.5*
> + 24.03+ Multi-buffer library 1.4 - 1.5*
> ============= ================================
>
> \* Multi-buffer library 1.0 or newer only works for Meson but not Make build
> system.
> diff --git a/doc/guides/cryptodevs/snow3g.rst
> b/doc/guides/cryptodevs/snow3g.rst
> index 3392932653..46863462e5 100644
> --- a/doc/guides/cryptodevs/snow3g.rst
> +++ b/doc/guides/cryptodevs/snow3g.rst
> @@ -96,7 +96,8 @@ and the external crypto libraries supported by them:
> ============= ================================
> 16.04 - 19.11 LibSSO SNOW3G
> 20.02 - 21.08 Multi-buffer library 0.53 - 1.3*
> - 21.11+ Multi-buffer library 1.0 - 1.5*
> + 21.11 - 23.11 Multi-buffer library 1.0 - 1.5*
> + 24.03+ Multi-buffer library 1.4 - 1.5*
> ============= ================================
>
> \* Multi-buffer library 1.0 or newer only works for Meson but not Make build
> system.
> diff --git a/doc/guides/cryptodevs/zuc.rst b/doc/guides/cryptodevs/zuc.rst
> index a414b5ad2c..51867e1a16 100644
> --- a/doc/guides/cryptodevs/zuc.rst
> +++ b/doc/guides/cryptodevs/zuc.rst
> @@ -95,7 +95,8 @@ and the external crypto libraries supported by them:
> ============= ================================
> 16.11 - 19.11 LibSSO ZUC
> 20.02 - 21.08 Multi-buffer library 0.53 - 1.3*
> - 21.11+ Multi-buffer library 1.0 - 1.5*
> + 21.11 - 23.11 Multi-buffer library 1.0 - 1.5*
> + 24.03+ Multi-buffer library 1.4 - 1.5*
> ============= ================================
>
> \* Multi-buffer library 1.0 or newer only works for Meson but not Make build
> system.
> diff --git a/doc/guides/rel_notes/release_24_03.rst
> b/doc/guides/rel_notes/release_24_03.rst
> index 879bb4944c..9f4affb706 100644
> --- a/doc/guides/rel_notes/release_24_03.rst
> +++ b/doc/guides/rel_notes/release_24_03.rst
> @@ -138,6 +138,10 @@ New Features
> to support TLS v1.2, TLS v1.3 and DTLS v1.2.
> * Added PMD API to allow raw submission of instructions to CPT.
>
> +* **Updated ipsec_mb crypto driver.**
> +
> + * Bump minimum IPSec Multi-buffer version to 1.4 for SW PMDs.
> +
>
> Removed Items
> -------------
> diff --git a/drivers/crypto/ipsec_mb/ipsec_mb_ops.c
> b/drivers/crypto/ipsec_mb/ipsec_mb_ops.c
> index f21f9cc5a0..d25c671d7d 100644
> --- a/drivers/crypto/ipsec_mb/ipsec_mb_ops.c
> +++ b/drivers/crypto/ipsec_mb/ipsec_mb_ops.c
> @@ -11,7 +11,6 @@
>
> #include "ipsec_mb_private.h"
>
> -#define IMB_MP_REQ_VER_STR "1.1.0"
>
> /** Configure device */
> int
> @@ -147,15 +146,10 @@ ipsec_mb_qp_release(struct rte_cryptodev *dev,
> uint16_t qp_id)
> if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
> rte_ring_free(rte_ring_lookup(qp->name));
>
> -#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM
> - if (qp->mb_mgr)
> - free_mb_mgr(qp->mb_mgr);
> -#else
> if (qp->mb_mgr_mz) {
> rte_memzone_free(qp->mb_mgr_mz);
> qp->mb_mgr = NULL;
> }
> -#endif
> rte_free(qp);
> dev->data->queue_pairs[qp_id] = NULL;
> } else { /* secondary process */
> @@ -211,7 +205,6 @@ static struct rte_ring
> RING_F_SP_ENQ | RING_F_SC_DEQ); }
>
> -#if IMB_VERSION(1, 1, 0) <= IMB_VERSION_NUM static IMB_MGR *
> ipsec_mb_alloc_mgr_from_memzone(const struct rte_memzone
> **mb_mgr_mz,
> const char *mb_mgr_mz_name)
> @@ -244,7 +237,6 @@ ipsec_mb_alloc_mgr_from_memzone(const struct
> rte_memzone **mb_mgr_mz,
> }
> return mb_mgr;
> }
> -#endif
>
> /** Setup a queue pair */
> int
> @@ -260,12 +252,6 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev,
> uint16_t qp_id,
> int ret;
>
> if (rte_eal_process_type() == RTE_PROC_SECONDARY) { -#if
> IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM
> - IPSEC_MB_LOG(ERR, "The intel-ipsec-mb version (%s) does
> not support multiprocess,"
> - "the minimum version required for this
> feature is %s.",
> - IMB_VERSION_STR, IMB_MP_REQ_VER_STR);
> - return -EINVAL;
> -#endif
> qp = dev->data->queue_pairs[qp_id];
> if (qp == NULL) {
> IPSEC_MB_LOG(DEBUG, "Secondary process setting
> up device qp."); @@ -285,15 +271,11 @@ ipsec_mb_qp_setup(struct
> rte_cryptodev *dev, uint16_t qp_id,
> return -ENOMEM;
> }
>
> -#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM
> - qp->mb_mgr = alloc_init_mb_mgr();
> -#else
> char mz_name[IPSEC_MB_MAX_MZ_NAME];
> snprintf(mz_name, sizeof(mz_name), "IMB_MGR_DEV_%d_QP_%d",
> dev->data->dev_id, qp_id);
> qp->mb_mgr = ipsec_mb_alloc_mgr_from_memzone(&(qp-
> >mb_mgr_mz),
> mz_name);
> -#endif
> if (qp->mb_mgr == NULL) {
> ret = -ENOMEM;
> goto qp_setup_cleanup;
> @@ -330,15 +312,10 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev,
> uint16_t qp_id,
> return 0;
>
> qp_setup_cleanup:
> -#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM
> - if (qp->mb_mgr)
> - free_mb_mgr(qp->mb_mgr);
> -#else
> if (rte_eal_process_type() == RTE_PROC_SECONDARY)
> return ret;
> if (qp->mb_mgr_mz)
> rte_memzone_free(qp->mb_mgr_mz);
> -#endif
> rte_free(qp);
> return ret;
> }
> diff --git a/drivers/crypto/ipsec_mb/meson.build
> b/drivers/crypto/ipsec_mb/meson.build
> index 87bf965554..0c988d7411 100644
> --- a/drivers/crypto/ipsec_mb/meson.build
> +++ b/drivers/crypto/ipsec_mb/meson.build
> @@ -7,7 +7,7 @@ if is_windows
> subdir_done()
> endif
>
> -IMB_required_ver = '1.0.0'
> +IMB_required_ver = '1.4.0'
> IMB_header = '#include<intel-ipsec-mb.h>'
> if arch_subdir == 'arm'
> IMB_header = '#include<ipsec-mb.h>'
> diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> index 4de4866cf3..b93267f1c3 100644
> --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> @@ -210,13 +210,9 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> }
> } else if (xform->auth.key.length == 32) {
> sess->template_job.hash_alg =
> IMB_AUTH_ZUC256_EIA3_BITLEN; -#if IMB_VERSION(1, 2, 0) <
> IMB_VERSION_NUM
> if (sess->auth.req_digest_len != 4 &&
> sess->auth.req_digest_len != 8 &&
> sess->auth.req_digest_len != 16) { -
> #else
> - if (sess->auth.req_digest_len != 4) {
> -#endif
> IPSEC_MB_LOG(ERR, "Invalid digest size\n");
> return -EINVAL;
> }
> @@ -845,11 +841,9 @@ aesni_mb_session_configure(IMB_MGR *mb_mgr,
> }
> }
>
> -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
> sess->session_id = imb_set_session(mb_mgr, &sess->template_job);
> sess->pid = getpid();
> RTE_PER_LCORE(pid) = sess->pid;
> -#endif
>
> return 0;
> }
> @@ -982,9 +976,7 @@ aesni_mb_set_docsis_sec_session_parameters(
> goto error_exit;
> }
>
> -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
> ipsec_sess->session_id = imb_set_session(mb_mgr, &ipsec_sess-
> >template_job); -#endif
>
> error_exit:
> free_mb_mgr(mb_mgr);
> @@ -1239,7 +1231,6 @@ imb_lib_support_sgl_algo(IMB_CIPHER_MODE alg)
> return 0;
> }
>
> -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM static inline int
> single_sgl_job(IMB_JOB *job, struct rte_crypto_op *op,
> int oop, uint32_t offset, struct rte_mbuf *m_src, @@ -1324,7
> +1315,6 @@ single_sgl_job(IMB_JOB *job, struct rte_crypto_op *op,
> job->sgl_io_segs = sgl_segs;
> return 0;
> }
> -#endif
>
> static inline int
> multi_sgl_job(IMB_JOB *job, struct rte_crypto_op *op, @@ -1394,9 +1384,7
> @@ set_gcm_job(IMB_MGR *mb_mgr, IMB_JOB *job, const uint8_t sgl,
> job->msg_len_to_hash_in_bytes = 0;
> job->msg_len_to_cipher_in_bytes = 0;
> job->cipher_start_src_offset_in_bytes = 0; -#if
> IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
> imb_set_session(mb_mgr, job);
> -#endif
> } else {
> job->hash_start_src_offset_in_bytes =
> op->sym->aead.data.offset;
> @@ -1424,13 +1412,11 @@ set_gcm_job(IMB_MGR *mb_mgr, IMB_JOB
> *job, const uint8_t sgl,
> job->src = NULL;
> job->dst = NULL;
>
> -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
> if (m_src->nb_segs <= MAX_NUM_SEGS)
> return single_sgl_job(job, op, oop,
> m_offset, m_src, m_dst,
> qp_data->sgl_segs);
> else
> -#endif
> return multi_sgl_job(job, op, oop,
> m_offset, m_src, m_dst, mb_mgr);
> } else {
> @@ -1520,10 +1506,6 @@ set_mb_job_params(IMB_JOB *job, struct
> ipsec_mb_qp *qp,
> uint8_t sgl = 0;
> uint8_t lb_sgl = 0;
>
> -#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> - (void) pid;
> -#endif
> -
> session = ipsec_mb_get_session_private(qp, op);
> if (session == NULL) {
> op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
> @@ -1533,12 +1515,10 @@ set_mb_job_params(IMB_JOB *job, struct
> ipsec_mb_qp *qp,
> const IMB_CIPHER_MODE cipher_mode =
> session->template_job.cipher_mode;
>
> -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
> if (session->pid != pid) {
> memcpy(job, &session->template_job, sizeof(IMB_JOB));
> imb_set_session(mb_mgr, job);
> } else if (job->session_id != session->session_id) -#endif
> memcpy(job, &session->template_job, sizeof(IMB_JOB));
>
> if (!op->sym->m_dst) {
> @@ -1579,9 +1559,7 @@ set_mb_job_params(IMB_JOB *job, struct
> ipsec_mb_qp *qp,
> job->u.GCM.ctx = &qp_data->gcm_sgl_ctx;
> job->cipher_mode = IMB_CIPHER_GCM_SGL;
> job->hash_alg = IMB_AUTH_GCM_SGL;
> -#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
> imb_set_session(mb_mgr, job);
> -#endif
> }
> break;
> case IMB_AUTH_AES_GMAC_128:
> @@ -1606,9 +1584,7 @@ set_mb_job_params(IMB_JOB *job, struct
> ipsec_mb_qp *qp,
> job->u.CHACHA20_POLY1305.ctx = &qp_data-
> >chacha_sgl_ctx;
> job->cipher_mode =
> IMB_CIPHER_CHACHA20_POLY1305_SGL;
> job->hash_alg =
> IMB_AUTH_CHACHA20_POLY1305_SGL; -#if IMB_VERSION(1, 3, 0) <
> IMB_VERSION_NUM
> imb_set_session(mb_mgr, job);
> -#endif
> }
> break;
> default:
> @@ -1804,13 +1780,11 @@ set_mb_job_params(IMB_JOB *job, struct
> ipsec_mb_qp *qp,
> if (lb_sgl)
> return handle_sgl_linear(job, op, m_offset, session);
>
> -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
> if (m_src->nb_segs <= MAX_NUM_SEGS)
> return single_sgl_job(job, op, oop,
> m_offset, m_src, m_dst,
> qp_data->sgl_segs);
> else
> -#endif
> return multi_sgl_job(job, op, oop,
> m_offset, m_src, m_dst, mb_mgr);
> }
> @@ -2130,7 +2104,6 @@ set_job_null_op(IMB_JOB *job, struct
> rte_crypto_op *op)
> return job;
> }
>
> -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM static uint16_t
> aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,
> uint16_t nb_ops)
> @@ -2263,144 +2236,6 @@ aesni_mb_dequeue_burst(void *queue_pair,
> struct rte_crypto_op **ops,
>
> return processed_jobs;
> }
> -#else
> -
> -/**
> - * Process a completed IMB_JOB job and keep processing jobs until
> - * get_completed_job return NULL
> - *
> - * @param qp Queue Pair to process
> - * @param mb_mgr IMB_MGR to use
> - * @param job IMB_JOB job
> - * @param ops crypto ops to fill
> - * @param nb_ops number of crypto ops
> - *
> - * @return
> - * - Number of processed jobs
> - */
> -static unsigned
> -handle_completed_jobs(struct ipsec_mb_qp *qp, IMB_MGR *mb_mgr,
> - IMB_JOB *job, struct rte_crypto_op **ops,
> - uint16_t nb_ops)
> -{
> - struct rte_crypto_op *op = NULL;
> - uint16_t processed_jobs = 0;
> -
> - while (job != NULL) {
> - op = post_process_mb_job(qp, job);
> -
> - if (op) {
> - ops[processed_jobs++] = op;
> - qp->stats.dequeued_count++;
> - } else {
> - qp->stats.dequeue_err_count++;
> - break;
> - }
> - if (processed_jobs == nb_ops)
> - break;
> -
> - job = IMB_GET_COMPLETED_JOB(mb_mgr);
> - }
> -
> - return processed_jobs;
> -}
> -
> -static inline uint16_t
> -flush_mb_mgr(struct ipsec_mb_qp *qp, IMB_MGR *mb_mgr,
> - struct rte_crypto_op **ops, uint16_t nb_ops)
> -{
> - int processed_ops = 0;
> -
> - /* Flush the remaining jobs */
> - IMB_JOB *job = IMB_FLUSH_JOB(mb_mgr);
> -
> - if (job)
> - processed_ops += handle_completed_jobs(qp, mb_mgr, job,
> - &ops[processed_ops], nb_ops -
> processed_ops);
> -
> - return processed_ops;
> -}
> -
> -static uint16_t
> -aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,
> - uint16_t nb_ops)
> -{
> - struct ipsec_mb_qp *qp = queue_pair;
> - IMB_MGR *mb_mgr = qp->mb_mgr;
> - struct rte_crypto_op *op;
> - IMB_JOB *job;
> - int retval, processed_jobs = 0;
> - pid_t pid = 0;
> -
> - if (unlikely(nb_ops == 0 || mb_mgr == NULL))
> - return 0;
> -
> - uint8_t digest_idx = qp->digest_idx;
> -
> - do {
> - /* Get next free mb job struct from mb manager */
> - job = IMB_GET_NEXT_JOB(mb_mgr);
> - if (unlikely(job == NULL)) {
> - /* if no free mb job structs we need to flush mb_mgr
> */
> - processed_jobs += flush_mb_mgr(qp, mb_mgr,
> - &ops[processed_jobs],
> - nb_ops - processed_jobs);
> -
> - if (nb_ops == processed_jobs)
> - break;
> -
> - job = IMB_GET_NEXT_JOB(mb_mgr);
> - }
> -
> - /*
> - * Get next operation to process from ingress queue.
> - * There is no need to return the job to the IMB_MGR
> - * if there are no more operations to process, since the
> IMB_MGR
> - * can use that pointer again in next get_next calls.
> - */
> - retval = rte_ring_dequeue(qp->ingress_queue, (void **)&op);
> - if (retval < 0)
> - break;
> -
> - if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
> - retval = set_sec_mb_job_params(job, qp, op,
> - &digest_idx);
> - else
> - retval = set_mb_job_params(job, qp, op,
> - &digest_idx, mb_mgr, pid);
> -
> - if (unlikely(retval != 0)) {
> - qp->stats.dequeue_err_count++;
> - set_job_null_op(job, op);
> - }
> -
> - /* Submit job to multi-buffer for processing */
> -#ifdef RTE_LIBRTE_PMD_AESNI_MB_DEBUG
> - job = IMB_SUBMIT_JOB(mb_mgr);
> -#else
> - job = IMB_SUBMIT_JOB_NOCHECK(mb_mgr);
> -#endif
> - /*
> - * If submit returns a processed job then handle it,
> - * before submitting subsequent jobs
> - */
> - if (job)
> - processed_jobs += handle_completed_jobs(qp,
> mb_mgr,
> - job, &ops[processed_jobs],
> - nb_ops - processed_jobs);
> -
> - } while (processed_jobs < nb_ops);
> -
> - qp->digest_idx = digest_idx;
> -
> - if (processed_jobs < 1)
> - processed_jobs += flush_mb_mgr(qp, mb_mgr,
> - &ops[processed_jobs],
> - nb_ops - processed_jobs);
> -
> - return processed_jobs;
> -}
> -#endif
> static inline int
> check_crypto_sgl(union rte_crypto_sym_ofs so, const struct rte_crypto_sgl
> *sgl) { diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
> b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
> index 85994fe5a1..51cfd7e2aa 100644
> --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
> +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
> @@ -17,9 +17,7 @@
> #define HMAC_IPAD_VALUE (0x36)
> #define HMAC_OPAD_VALUE (0x5C)
>
> -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM #define MAX_NUM_SEGS
> 16 -#endif
>
> static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
> { /* MD5 HMAC */
> @@ -567,13 +565,8 @@ static const struct rte_cryptodev_capabilities
> aesni_mb_capabilities[] = {
> },
> .digest_size = {
> .min = 4,
> -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
> .max = 16,
> .increment = 4
> -#else
> - .max = 4,
> - .increment = 0
> -#endif
> },
> .iv_size = {
> .min = 16,
> @@ -730,9 +723,7 @@ struct aesni_mb_qp_data {
> * by the driver when verifying a digest provided
> * by the user (using authentication verify operation)
> */
> -#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
> struct IMB_SGL_IOV sgl_segs[MAX_NUM_SEGS]; -#endif
> union {
> struct gcm_context_data gcm_sgl_ctx;
> struct chacha20_poly1305_context_data chacha_sgl_ctx;
> --
> 2.25.1
@@ -85,7 +85,8 @@ and the external crypto libraries supported by them:
18.05 - 19.02 Multi-buffer library 0.49 - 0.52
19.05 - 20.08 Multi-buffer library 0.52 - 0.55
20.11 - 21.08 Multi-buffer library 0.53 - 1.3*
- 21.11+ Multi-buffer library 1.0 - 1.5*
+ 21.11 - 23.11 Multi-buffer library 1.0 - 1.5*
+ 24.03+ Multi-buffer library 1.4 - 1.5*
============= ================================
\* Multi-buffer library 1.0 or newer only works for Meson but not Make build system.
@@ -146,7 +146,8 @@ and the Multi-Buffer library version supported by them:
19.05 - 19.08 0.52
19.11 - 20.08 0.52 - 0.55
20.11 - 21.08 0.53 - 1.3*
- 21.11+ 1.0 - 1.5*
+ 21.11 - 23.11 1.0 - 1.5*
+ 24.03+ 1.4 - 1.5*
============== ============================
\* Multi-buffer library 1.0 or newer only works for Meson but not Make build system.
@@ -72,7 +72,8 @@ and the external crypto libraries supported by them:
============= ================================
DPDK version Crypto library version
============= ================================
- 21.11+ Multi-buffer library 1.0-1.5*
+ 21.11 - 23.11 Multi-buffer library 1.0-1.5*
+ 24.03+ Multi-buffer library 1.4-1.5*
============= ================================
\* Multi-buffer library 1.0 or newer only works for Meson but not Make build system.
@@ -87,7 +87,8 @@ and the external crypto libraries supported by them:
============= ================================
16.11 - 19.11 LibSSO KASUMI
20.02 - 21.08 Multi-buffer library 0.53 - 1.3*
- 21.11+ Multi-buffer library 1.0 - 1.5*
+ 21.11 - 23.11 Multi-buffer library 1.0 - 1.5*
+ 24.03+ Multi-buffer library 1.4 - 1.5*
============= ================================
\* Multi-buffer library 1.0 or newer only works for Meson but not Make build system.
@@ -96,7 +96,8 @@ and the external crypto libraries supported by them:
============= ================================
16.04 - 19.11 LibSSO SNOW3G
20.02 - 21.08 Multi-buffer library 0.53 - 1.3*
- 21.11+ Multi-buffer library 1.0 - 1.5*
+ 21.11 - 23.11 Multi-buffer library 1.0 - 1.5*
+ 24.03+ Multi-buffer library 1.4 - 1.5*
============= ================================
\* Multi-buffer library 1.0 or newer only works for Meson but not Make build system.
@@ -95,7 +95,8 @@ and the external crypto libraries supported by them:
============= ================================
16.11 - 19.11 LibSSO ZUC
20.02 - 21.08 Multi-buffer library 0.53 - 1.3*
- 21.11+ Multi-buffer library 1.0 - 1.5*
+ 21.11 - 23.11 Multi-buffer library 1.0 - 1.5*
+ 24.03+ Multi-buffer library 1.4 - 1.5*
============= ================================
\* Multi-buffer library 1.0 or newer only works for Meson but not Make build system.
@@ -138,6 +138,10 @@ New Features
to support TLS v1.2, TLS v1.3 and DTLS v1.2.
* Added PMD API to allow raw submission of instructions to CPT.
+* **Updated ipsec_mb crypto driver.**
+
+ * Bump minimum IPSec Multi-buffer version to 1.4 for SW PMDs.
+
Removed Items
-------------
@@ -11,7 +11,6 @@
#include "ipsec_mb_private.h"
-#define IMB_MP_REQ_VER_STR "1.1.0"
/** Configure device */
int
@@ -147,15 +146,10 @@ ipsec_mb_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
if (rte_eal_process_type() == RTE_PROC_PRIMARY) {
rte_ring_free(rte_ring_lookup(qp->name));
-#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM
- if (qp->mb_mgr)
- free_mb_mgr(qp->mb_mgr);
-#else
if (qp->mb_mgr_mz) {
rte_memzone_free(qp->mb_mgr_mz);
qp->mb_mgr = NULL;
}
-#endif
rte_free(qp);
dev->data->queue_pairs[qp_id] = NULL;
} else { /* secondary process */
@@ -211,7 +205,6 @@ static struct rte_ring
RING_F_SP_ENQ | RING_F_SC_DEQ);
}
-#if IMB_VERSION(1, 1, 0) <= IMB_VERSION_NUM
static IMB_MGR *
ipsec_mb_alloc_mgr_from_memzone(const struct rte_memzone **mb_mgr_mz,
const char *mb_mgr_mz_name)
@@ -244,7 +237,6 @@ ipsec_mb_alloc_mgr_from_memzone(const struct rte_memzone **mb_mgr_mz,
}
return mb_mgr;
}
-#endif
/** Setup a queue pair */
int
@@ -260,12 +252,6 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
int ret;
if (rte_eal_process_type() == RTE_PROC_SECONDARY) {
-#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM
- IPSEC_MB_LOG(ERR, "The intel-ipsec-mb version (%s) does not support multiprocess,"
- "the minimum version required for this feature is %s.",
- IMB_VERSION_STR, IMB_MP_REQ_VER_STR);
- return -EINVAL;
-#endif
qp = dev->data->queue_pairs[qp_id];
if (qp == NULL) {
IPSEC_MB_LOG(DEBUG, "Secondary process setting up device qp.");
@@ -285,15 +271,11 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
return -ENOMEM;
}
-#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM
- qp->mb_mgr = alloc_init_mb_mgr();
-#else
char mz_name[IPSEC_MB_MAX_MZ_NAME];
snprintf(mz_name, sizeof(mz_name), "IMB_MGR_DEV_%d_QP_%d",
dev->data->dev_id, qp_id);
qp->mb_mgr = ipsec_mb_alloc_mgr_from_memzone(&(qp->mb_mgr_mz),
mz_name);
-#endif
if (qp->mb_mgr == NULL) {
ret = -ENOMEM;
goto qp_setup_cleanup;
@@ -330,15 +312,10 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id,
return 0;
qp_setup_cleanup:
-#if IMB_VERSION(1, 1, 0) > IMB_VERSION_NUM
- if (qp->mb_mgr)
- free_mb_mgr(qp->mb_mgr);
-#else
if (rte_eal_process_type() == RTE_PROC_SECONDARY)
return ret;
if (qp->mb_mgr_mz)
rte_memzone_free(qp->mb_mgr_mz);
-#endif
rte_free(qp);
return ret;
}
@@ -7,7 +7,7 @@ if is_windows
subdir_done()
endif
-IMB_required_ver = '1.0.0'
+IMB_required_ver = '1.4.0'
IMB_header = '#include<intel-ipsec-mb.h>'
if arch_subdir == 'arm'
IMB_header = '#include<ipsec-mb.h>'
@@ -210,13 +210,9 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
}
} else if (xform->auth.key.length == 32) {
sess->template_job.hash_alg = IMB_AUTH_ZUC256_EIA3_BITLEN;
-#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
if (sess->auth.req_digest_len != 4 &&
sess->auth.req_digest_len != 8 &&
sess->auth.req_digest_len != 16) {
-#else
- if (sess->auth.req_digest_len != 4) {
-#endif
IPSEC_MB_LOG(ERR, "Invalid digest size\n");
return -EINVAL;
}
@@ -845,11 +841,9 @@ aesni_mb_session_configure(IMB_MGR *mb_mgr,
}
}
-#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
sess->session_id = imb_set_session(mb_mgr, &sess->template_job);
sess->pid = getpid();
RTE_PER_LCORE(pid) = sess->pid;
-#endif
return 0;
}
@@ -982,9 +976,7 @@ aesni_mb_set_docsis_sec_session_parameters(
goto error_exit;
}
-#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
ipsec_sess->session_id = imb_set_session(mb_mgr, &ipsec_sess->template_job);
-#endif
error_exit:
free_mb_mgr(mb_mgr);
@@ -1239,7 +1231,6 @@ imb_lib_support_sgl_algo(IMB_CIPHER_MODE alg)
return 0;
}
-#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
static inline int
single_sgl_job(IMB_JOB *job, struct rte_crypto_op *op,
int oop, uint32_t offset, struct rte_mbuf *m_src,
@@ -1324,7 +1315,6 @@ single_sgl_job(IMB_JOB *job, struct rte_crypto_op *op,
job->sgl_io_segs = sgl_segs;
return 0;
}
-#endif
static inline int
multi_sgl_job(IMB_JOB *job, struct rte_crypto_op *op,
@@ -1394,9 +1384,7 @@ set_gcm_job(IMB_MGR *mb_mgr, IMB_JOB *job, const uint8_t sgl,
job->msg_len_to_hash_in_bytes = 0;
job->msg_len_to_cipher_in_bytes = 0;
job->cipher_start_src_offset_in_bytes = 0;
-#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
imb_set_session(mb_mgr, job);
-#endif
} else {
job->hash_start_src_offset_in_bytes =
op->sym->aead.data.offset;
@@ -1424,13 +1412,11 @@ set_gcm_job(IMB_MGR *mb_mgr, IMB_JOB *job, const uint8_t sgl,
job->src = NULL;
job->dst = NULL;
-#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
if (m_src->nb_segs <= MAX_NUM_SEGS)
return single_sgl_job(job, op, oop,
m_offset, m_src, m_dst,
qp_data->sgl_segs);
else
-#endif
return multi_sgl_job(job, op, oop,
m_offset, m_src, m_dst, mb_mgr);
} else {
@@ -1520,10 +1506,6 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
uint8_t sgl = 0;
uint8_t lb_sgl = 0;
-#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
- (void) pid;
-#endif
-
session = ipsec_mb_get_session_private(qp, op);
if (session == NULL) {
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
@@ -1533,12 +1515,10 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
const IMB_CIPHER_MODE cipher_mode =
session->template_job.cipher_mode;
-#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
if (session->pid != pid) {
memcpy(job, &session->template_job, sizeof(IMB_JOB));
imb_set_session(mb_mgr, job);
} else if (job->session_id != session->session_id)
-#endif
memcpy(job, &session->template_job, sizeof(IMB_JOB));
if (!op->sym->m_dst) {
@@ -1579,9 +1559,7 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
job->u.GCM.ctx = &qp_data->gcm_sgl_ctx;
job->cipher_mode = IMB_CIPHER_GCM_SGL;
job->hash_alg = IMB_AUTH_GCM_SGL;
-#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
imb_set_session(mb_mgr, job);
-#endif
}
break;
case IMB_AUTH_AES_GMAC_128:
@@ -1606,9 +1584,7 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
job->u.CHACHA20_POLY1305.ctx = &qp_data->chacha_sgl_ctx;
job->cipher_mode = IMB_CIPHER_CHACHA20_POLY1305_SGL;
job->hash_alg = IMB_AUTH_CHACHA20_POLY1305_SGL;
-#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
imb_set_session(mb_mgr, job);
-#endif
}
break;
default:
@@ -1804,13 +1780,11 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
if (lb_sgl)
return handle_sgl_linear(job, op, m_offset, session);
-#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
if (m_src->nb_segs <= MAX_NUM_SEGS)
return single_sgl_job(job, op, oop,
m_offset, m_src, m_dst,
qp_data->sgl_segs);
else
-#endif
return multi_sgl_job(job, op, oop,
m_offset, m_src, m_dst, mb_mgr);
}
@@ -2130,7 +2104,6 @@ set_job_null_op(IMB_JOB *job, struct rte_crypto_op *op)
return job;
}
-#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
static uint16_t
aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,
uint16_t nb_ops)
@@ -2263,144 +2236,6 @@ aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,
return processed_jobs;
}
-#else
-
-/**
- * Process a completed IMB_JOB job and keep processing jobs until
- * get_completed_job return NULL
- *
- * @param qp Queue Pair to process
- * @param mb_mgr IMB_MGR to use
- * @param job IMB_JOB job
- * @param ops crypto ops to fill
- * @param nb_ops number of crypto ops
- *
- * @return
- * - Number of processed jobs
- */
-static unsigned
-handle_completed_jobs(struct ipsec_mb_qp *qp, IMB_MGR *mb_mgr,
- IMB_JOB *job, struct rte_crypto_op **ops,
- uint16_t nb_ops)
-{
- struct rte_crypto_op *op = NULL;
- uint16_t processed_jobs = 0;
-
- while (job != NULL) {
- op = post_process_mb_job(qp, job);
-
- if (op) {
- ops[processed_jobs++] = op;
- qp->stats.dequeued_count++;
- } else {
- qp->stats.dequeue_err_count++;
- break;
- }
- if (processed_jobs == nb_ops)
- break;
-
- job = IMB_GET_COMPLETED_JOB(mb_mgr);
- }
-
- return processed_jobs;
-}
-
-static inline uint16_t
-flush_mb_mgr(struct ipsec_mb_qp *qp, IMB_MGR *mb_mgr,
- struct rte_crypto_op **ops, uint16_t nb_ops)
-{
- int processed_ops = 0;
-
- /* Flush the remaining jobs */
- IMB_JOB *job = IMB_FLUSH_JOB(mb_mgr);
-
- if (job)
- processed_ops += handle_completed_jobs(qp, mb_mgr, job,
- &ops[processed_ops], nb_ops - processed_ops);
-
- return processed_ops;
-}
-
-static uint16_t
-aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops,
- uint16_t nb_ops)
-{
- struct ipsec_mb_qp *qp = queue_pair;
- IMB_MGR *mb_mgr = qp->mb_mgr;
- struct rte_crypto_op *op;
- IMB_JOB *job;
- int retval, processed_jobs = 0;
- pid_t pid = 0;
-
- if (unlikely(nb_ops == 0 || mb_mgr == NULL))
- return 0;
-
- uint8_t digest_idx = qp->digest_idx;
-
- do {
- /* Get next free mb job struct from mb manager */
- job = IMB_GET_NEXT_JOB(mb_mgr);
- if (unlikely(job == NULL)) {
- /* if no free mb job structs we need to flush mb_mgr */
- processed_jobs += flush_mb_mgr(qp, mb_mgr,
- &ops[processed_jobs],
- nb_ops - processed_jobs);
-
- if (nb_ops == processed_jobs)
- break;
-
- job = IMB_GET_NEXT_JOB(mb_mgr);
- }
-
- /*
- * Get next operation to process from ingress queue.
- * There is no need to return the job to the IMB_MGR
- * if there are no more operations to process, since the IMB_MGR
- * can use that pointer again in next get_next calls.
- */
- retval = rte_ring_dequeue(qp->ingress_queue, (void **)&op);
- if (retval < 0)
- break;
-
- if (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION)
- retval = set_sec_mb_job_params(job, qp, op,
- &digest_idx);
- else
- retval = set_mb_job_params(job, qp, op,
- &digest_idx, mb_mgr, pid);
-
- if (unlikely(retval != 0)) {
- qp->stats.dequeue_err_count++;
- set_job_null_op(job, op);
- }
-
- /* Submit job to multi-buffer for processing */
-#ifdef RTE_LIBRTE_PMD_AESNI_MB_DEBUG
- job = IMB_SUBMIT_JOB(mb_mgr);
-#else
- job = IMB_SUBMIT_JOB_NOCHECK(mb_mgr);
-#endif
- /*
- * If submit returns a processed job then handle it,
- * before submitting subsequent jobs
- */
- if (job)
- processed_jobs += handle_completed_jobs(qp, mb_mgr,
- job, &ops[processed_jobs],
- nb_ops - processed_jobs);
-
- } while (processed_jobs < nb_ops);
-
- qp->digest_idx = digest_idx;
-
- if (processed_jobs < 1)
- processed_jobs += flush_mb_mgr(qp, mb_mgr,
- &ops[processed_jobs],
- nb_ops - processed_jobs);
-
- return processed_jobs;
-}
-#endif
static inline int
check_crypto_sgl(union rte_crypto_sym_ofs so, const struct rte_crypto_sgl *sgl)
{
@@ -17,9 +17,7 @@
#define HMAC_IPAD_VALUE (0x36)
#define HMAC_OPAD_VALUE (0x5C)
-#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
#define MAX_NUM_SEGS 16
-#endif
static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
{ /* MD5 HMAC */
@@ -567,13 +565,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
},
.digest_size = {
.min = 4,
-#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
.max = 16,
.increment = 4
-#else
- .max = 4,
- .increment = 0
-#endif
},
.iv_size = {
.min = 16,
@@ -730,9 +723,7 @@ struct aesni_mb_qp_data {
* by the driver when verifying a digest provided
* by the user (using authentication verify operation)
*/
-#if IMB_VERSION(1, 2, 0) < IMB_VERSION_NUM
struct IMB_SGL_IOV sgl_segs[MAX_NUM_SEGS];
-#endif
union {
struct gcm_context_data gcm_sgl_ctx;
struct chacha20_poly1305_context_data chacha_sgl_ctx;