Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/130588/?format=api
{ "id": 130588, "url": "http://patches.dpdk.org/api/patches/130588/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20230821144234.3249892-1-brian.dooley@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20230821144234.3249892-1-brian.dooley@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20230821144234.3249892-1-brian.dooley@intel.com", "date": "2023-08-21T14:42:34", "name": "[v2] crypto/ipsec_mb: add digest encrypted feature", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "bbf80d3c210d0c4c54d2c23ce9baccd8e2925e8f", "submitter": { "id": 2520, "url": "http://patches.dpdk.org/api/people/2520/?format=api", "name": "Brian Dooley", "email": "brian.dooley@intel.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20230821144234.3249892-1-brian.dooley@intel.com/mbox/", "series": [ { "id": 29295, "url": "http://patches.dpdk.org/api/series/29295/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=29295", "date": "2023-08-21T14:42:34", "name": "[v2] crypto/ipsec_mb: add digest encrypted feature", "version": 2, "mbox": "http://patches.dpdk.org/series/29295/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/130588/comments/", "check": "success", "checks": "http://patches.dpdk.org/api/patches/130588/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 78E4F430C3;\n\tMon, 21 Aug 2023 16:42:41 +0200 (CEST)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 6650742BC9;\n\tMon, 21 Aug 2023 16:42:41 +0200 (CEST)", "from mgamail.intel.com (mgamail.intel.com [192.55.52.115])\n by mails.dpdk.org (Postfix) with ESMTP id F2CD642B8B\n for <dev@dpdk.org>; Mon, 21 Aug 2023 16:42:39 +0200 (CEST)", "from orsmga004.jf.intel.com ([10.7.209.38])\n by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 21 Aug 2023 07:42:38 -0700", "from silpixa00400883.ir.intel.com ([10.243.22.155])\n by orsmga004.jf.intel.com with ESMTP; 21 Aug 2023 07:42:36 -0700" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple;\n d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n t=1692628960; x=1724164960;\n h=from:to:cc:subject:date:message-id:in-reply-to:\n references:mime-version:content-transfer-encoding;\n bh=GMR/VHRT3lHzNHyMUAZKwiR0yFYr5I+SWAB91nZ4Cfw=;\n b=mKZ8LdhWt4IKI/UhY32Ww2xBHbz1v3oCa5hJHWnXJ3rAkMQK4M2Cgva1\n wrxT0RsMf9Ajjl2XcWOGOG30v7gEp8+Ooj4RWvtNdDYtICjJNBoh6D9yX\n FCNYNnwX+fxc76Ohp0SYw0VXqItKHf0slRq0xLm5L39Ynzttx1vYfwsV1\n diywUV0waR5Ys2F6gcE5JwKnFc5DzGZT6xGiK2xp+uLNpBkiAGc6VXGol\n h2GNRFLIXZ56lwpaE22p3gMKHNWYdrsGVlNYp6WjkdMMOYZmnEO3VYKCl\n uP/uUpprrzbrPLJJUiyuBirrcsCBX6lN99IaKFMNZtCg2Rs0tLRvuYgCh Q==;", "X-IronPort-AV": [ "E=McAfee;i=\"6600,9927,10809\"; a=\"373576694\"", "E=Sophos;i=\"6.01,190,1684825200\"; d=\"scan'208\";a=\"373576694\"", "E=McAfee;i=\"6600,9927,10809\"; a=\"859489827\"", "E=Sophos;i=\"6.01,190,1684825200\"; d=\"scan'208\";a=\"859489827\"" ], "X-ExtLoop1": "1", "From": "Brian Dooley <brian.dooley@intel.com>", "To": "Kai Ji <kai.ji@intel.com>, Pablo de Lara <pablo.de.lara.guarch@intel.com>", "Cc": "dev@dpdk.org,\n\tgakhil@marvell.com,\n\tBrian Dooley <brian.dooley@intel.com>", "Subject": "[PATCH v2] crypto/ipsec_mb: add digest encrypted feature", "Date": "Mon, 21 Aug 2023 14:42:34 +0000", "Message-Id": "<20230821144234.3249892-1-brian.dooley@intel.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20230720103818.1810015-1-brian.dooley@intel.com>", "References": "<20230720103818.1810015-1-brian.dooley@intel.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "AESNI_MB PMD does not support Digest Encrypted. This patch adds a check and\nsupport for this feature.\n\nSigned-off-by: Brian Dooley <brian.dooley@intel.com>\n---\nv2:\nFixed CHECKPATCH warning\n---\n drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 107 +++++++++++++++++++++++--\n 1 file changed, 102 insertions(+), 5 deletions(-)", "diff": "diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\nindex 9e298023d7..66f3c82e80 100644\n--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n@@ -1438,6 +1438,54 @@ set_gcm_job(IMB_MGR *mb_mgr, IMB_JOB *job, const uint8_t sgl,\n \treturn 0;\n }\n \n+/** Check if conditions are met for digest-appended operations */\n+static uint8_t *\n+aesni_mb_digest_appended_in_src(struct rte_crypto_op *op, IMB_JOB *job,\n+\t\tuint32_t oop)\n+{\n+\tunsigned int auth_size, cipher_size;\n+\tuint8_t *end_cipher;\n+\tuint8_t *start_cipher;\n+\n+\tif (job->cipher_mode == IMB_CIPHER_NULL)\n+\t\treturn NULL;\n+\n+\tif (job->cipher_mode == IMB_CIPHER_ZUC_EEA3 ||\n+\t\tjob->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN ||\n+\t\tjob->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN) {\n+\t\tcipher_size = (op->sym->cipher.data.offset >> 3) +\n+\t\t\t(op->sym->cipher.data.length >> 3);\n+\t} else {\n+\t\tcipher_size = (op->sym->cipher.data.offset) +\n+\t\t\t(op->sym->cipher.data.length);\n+\t}\n+\tif (job->hash_alg == IMB_AUTH_ZUC_EIA3_BITLEN ||\n+\t\tjob->hash_alg == IMB_AUTH_SNOW3G_UIA2_BITLEN ||\n+\t\tjob->hash_alg == IMB_AUTH_KASUMI_UIA1 ||\n+\t\tjob->hash_alg == IMB_AUTH_ZUC256_EIA3_BITLEN) {\n+\t\tauth_size = (op->sym->auth.data.offset >> 3) +\n+\t\t\t(op->sym->auth.data.length >> 3);\n+\t} else {\n+\t\tauth_size = (op->sym->auth.data.offset) +\n+\t\t\t(op->sym->auth.data.length);\n+\t}\n+\n+\tif (!oop) {\n+\t\tend_cipher = rte_pktmbuf_mtod_offset(op->sym->m_src, uint8_t *, cipher_size);\n+\t\tstart_cipher = rte_pktmbuf_mtod(op->sym->m_src, uint8_t *);\n+\t} else {\n+\t\tend_cipher = rte_pktmbuf_mtod_offset(op->sym->m_dst, uint8_t *, cipher_size);\n+\t\tstart_cipher = rte_pktmbuf_mtod(op->sym->m_dst, uint8_t *);\n+\t}\n+\n+\tif (start_cipher < op->sym->auth.digest.data &&\n+\t\top->sym->auth.digest.data < end_cipher) {\n+\t\treturn rte_pktmbuf_mtod_offset(op->sym->m_src, uint8_t *, auth_size);\n+\t} else {\n+\t\treturn NULL;\n+\t}\n+}\n+\n /**\n * Process a crypto operation and complete a IMB_JOB job structure for\n * submission to the multi buffer library for processing.\n@@ -1580,9 +1628,12 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,\n \t} else {\n \t\tif (aead)\n \t\t\tjob->auth_tag_output = op->sym->aead.digest.data;\n-\t\telse\n-\t\t\tjob->auth_tag_output = op->sym->auth.digest.data;\n-\n+\t\telse {\n+\t\t\tjob->auth_tag_output = aesni_mb_digest_appended_in_src(op, job, oop);\n+\t\t\tif (job->auth_tag_output == NULL) {\n+\t\t\t\tjob->auth_tag_output = op->sym->auth.digest.data;\n+\t\t\t}\n+\t\t}\n \t\tif (session->auth.req_digest_len !=\n \t\t\t\tjob->auth_tag_output_len_in_bytes) {\n \t\t\tjob->auth_tag_output =\n@@ -1917,6 +1968,7 @@ post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)\n \tstruct aesni_mb_session *sess = NULL;\n \tuint8_t *linear_buf = NULL;\n \tint sgl = 0;\n+\tuint8_t oop = 0;\n \tuint8_t is_docsis_sec = 0;\n \n \tif (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n@@ -1962,8 +2014,52 @@ post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)\n \t\t\t\t\t\top->sym->auth.digest.data,\n \t\t\t\t\t\tsess->auth.req_digest_len,\n \t\t\t\t\t\t&op->status);\n-\t\t\t} else\n+\t\t\t} else {\n+\t\t\t\tif (!op->sym->m_dst || op->sym->m_dst == op->sym->m_src) {\n+\t\t\t\t\t/* in-place operation */\n+\t\t\t\t\toop = 0;\n+\t\t\t\t} else { /* out-of-place operation */\n+\t\t\t\t\toop = 1;\n+\t\t\t\t}\n+\n+\t\t\t\tif (op->sym->m_src->nb_segs == 1 && op->sym->m_dst != NULL\n+\t\t\t\t&& !is_aead_algo(job->hash_alg,\tsess->template_job.cipher_mode) &&\n+\t\t\t\taesni_mb_digest_appended_in_src(op, job, oop) != NULL) {\n+\t\t\t\t\tunsigned int auth_size, cipher_size;\n+\t\t\t\t\tint unencrypted_bytes = 0;\n+\t\t\t\t\tif (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN ||\n+\t\t\t\t\t\tjob->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN ||\n+\t\t\t\t\t\tjob->cipher_mode == IMB_CIPHER_ZUC_EEA3) {\n+\t\t\t\t\t\tcipher_size = (op->sym->cipher.data.offset >> 3) +\n+\t\t\t\t\t\t\t(op->sym->cipher.data.length >> 3);\n+\t\t\t\t\t} else {\n+\t\t\t\t\t\tcipher_size = (op->sym->cipher.data.offset) +\n+\t\t\t\t\t\t\t(op->sym->cipher.data.length);\n+\t\t\t\t\t}\n+\t\t\t\t\tif (job->hash_alg == IMB_AUTH_ZUC_EIA3_BITLEN ||\n+\t\t\t\t\t\tjob->hash_alg == IMB_AUTH_SNOW3G_UIA2_BITLEN ||\n+\t\t\t\t\t\tjob->hash_alg == IMB_AUTH_KASUMI_UIA1 ||\n+\t\t\t\t\t\tjob->hash_alg == IMB_AUTH_ZUC256_EIA3_BITLEN) {\n+\t\t\t\t\t\tauth_size = (op->sym->auth.data.offset >> 3) +\n+\t\t\t\t\t\t\t(op->sym->auth.data.length >> 3);\n+\t\t\t\t\t} else {\n+\t\t\t\t\t\tauth_size = (op->sym->auth.data.offset) +\n+\t\t\t\t\t\t(op->sym->auth.data.length);\n+\t\t\t\t\t}\n+\t\t\t\t\tif (job->cipher_mode != IMB_CIPHER_NULL) {\n+\t\t\t\t\t\tunencrypted_bytes =\tauth_size +\n+\t\t\t\t\t\tjob->auth_tag_output_len_in_bytes - cipher_size;\n+\t\t\t\t\t}\n+\t\t\t\t\tif (unencrypted_bytes > 0)\n+\t\t\t\t\t\trte_memcpy(\n+\t\t\t\t\t\trte_pktmbuf_mtod_offset(\n+\t\t\t\t\t\t\top->sym->m_dst, uint8_t *, cipher_size),\n+\t\t\t\t\t\trte_pktmbuf_mtod_offset(\n+\t\t\t\t\t\t\top->sym->m_src, uint8_t *, cipher_size),\n+\t\t\t\t\t\tunencrypted_bytes);\n+\t\t\t\t}\n \t\t\t\tgenerate_digest(job, op, sess);\n+\t\t\t}\n \t\t\tbreak;\n \t\tdefault:\n \t\t\top->status = RTE_CRYPTO_OP_STATUS_ERROR;\n@@ -2555,7 +2651,8 @@ RTE_INIT(ipsec_mb_register_aesni_mb)\n \t\t\tRTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |\n \t\t\tRTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |\n \t\t\tRTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |\n-\t\t\tRTE_CRYPTODEV_FF_SECURITY;\n+\t\t\tRTE_CRYPTODEV_FF_SECURITY |\n+\t\t\tRTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;\n \n \taesni_mb_data->internals_priv_size = 0;\n \taesni_mb_data->ops = &aesni_mb_pmd_ops;\n", "prefixes": [ "v2" ] }