From patchwork Thu Aug 30 05:51:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hemant Agrawal X-Patchwork-Id: 43994 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id B6C645B34; Thu, 30 Aug 2018 07:53:33 +0200 (CEST) Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-eopbgr10071.outbound.protection.outlook.com [40.107.1.71]) by dpdk.org (Postfix) with ESMTP id A6F0F4CC3 for ; Thu, 30 Aug 2018 07:53:20 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OAXZsGT5pccuokismpn/enb8RY3yoXO56zYYYs3EjF8=; b=g6hcp6Ezrb4dv3yxOt86sewxYmRoGC98SijC5hWkdS1MQNXtb1X+4OJjatdEJfAF3Z9zukjSTDQ46e0IE9lru4VZHZrJELhP6gW0N+bz/8StecKxIi9zwDxDaUoCTj/9pd4Xzg4WcDleELBxEt0zNxCOMomuurth7v521pIKLKw= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=hemant.agrawal@nxp.com; Received: from bf-netperf1.ap.freescale.net (14.143.30.134) by VI1PR0401MB2541.eurprd04.prod.outlook.com (2603:10a6:800:56::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1080.17; Thu, 30 Aug 2018 05:53:18 +0000 From: Hemant Agrawal To: dev@dpdk.org Cc: akhil.goyal@nxp.com Date: Thu, 30 Aug 2018 11:21:05 +0530 Message-Id: <1535608265-13323-11-git-send-email-hemant.agrawal@nxp.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1535608265-13323-1-git-send-email-hemant.agrawal@nxp.com> References: <1535608265-13323-1-git-send-email-hemant.agrawal@nxp.com> MIME-Version: 1.0 X-Originating-IP: [14.143.30.134] X-ClientProxiedBy: PN1PR0101CA0049.INDPRD01.PROD.OUTLOOK.COM (2603:1096:c00:d::11) To VI1PR0401MB2541.eurprd04.prod.outlook.com (2603:10a6:800:56::19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: da31737c-b49b-4149-38c2-08d60e3ce36b X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989137)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600074)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:VI1PR0401MB2541; X-Microsoft-Exchange-Diagnostics: 1; VI1PR0401MB2541; 3:EuKwxNy9XXYEmOffwEp1DFwzm6eXRh3quKAyFnZKdWDgMe/NJhydmgM9Rkit4MuO6gee2Kfgajkr4mz4jYl5QfBe97ezloFVVA9oDTPSHd9yr0kruc6R7RtwMjVyP3NtAsvcw8+864rdwtHmcCRiA6o0BZV3COG189HsWDsmHSLVLxKchaXwjmHRcBscmFrh9X7KHvAVLHPhkjMUTRnOzhnIrbJ87KAYSMFerJxWpmZuPgLDmAn5DuX217o5zHVA; 25:JGehxbQd4HcOeem4UlfEWa714iPiBaXZy0x4iXOv0UQhoPCT1JtfA+Us94ep11FeinJigZtGBf9LOKTX0u2BR9aqs9p6zeHWdZ35HSKjqktC118VoRzafYYraYR9b0iwgjYDbgTPOOKFKg9Q5RlznYHT8V9ZntsYQ9gY5QsbE97Wf4JiXNR6OHZBNcL24ax/N+LNIhFRiv6xUtyVKz6MRTMs+ZVQgnk7/2daVegaDmeWDuBAfv5qk9udkdEAfKP0a71cBcOTvlR/Lo+gnQxc0TTq8NUmAWVCCj+y6O5rjVnRskJkND0IVxtwrxJSm8nlIGzbKtMeaEdaZvgjmlnvXw==; 31:sPtOUzxHtPdoso39jwf6P52BDncCUuwlNcmwCPeVHynK65HDEMovmSMjc3pcy1HiwWlaYDD0PErhXgevvRcm3OMTQqwzK/AyyzpDqqCWXA9KExXALMHAXXzlCytRYMr00MH2FZ6Ng+qS1Zq9KpvCDthi0I5XwDzerz9L2SQZwWI0bIjj6sn6UX9GFOnh9rDLOkJh2igyVAVw4vNiBr9wiQ46pQ+27VDBbRXpQEZb0ik= X-MS-TrafficTypeDiagnostic: VI1PR0401MB2541: X-Microsoft-Exchange-Diagnostics: 1; VI1PR0401MB2541; 20:5Wie+4RCbQQ3hc4Cj6As8aHSXxgZxgMCoAbauxzxn9V3SGBhgyKqICMXnDJUZqeZp6a4pG82whcGBn0TsJuzuqFgcJTFHSjxcPDXu706dCZqKyWMuSC+jFZOtIJj/2ahP9mIgmrKjjmbvVz4m6PQfNZf6UHbh+yI7IOyWfyohTz99D9F3N8yNJujhhOCyD2iA8rV4Mwd1imK/ITHcYcbzEaiAQViHevg9BPE9Mz2B2y9LxZ6HePklJqXHTxkAfadBPPfBuWmtRk31y4r68plNqKqla7jU7SzWt2CWzqoUP29ORJg95Osw6BUjukYHxIdLEsFee/jpq9yTGqrspvVt1+BrUmRI62gBwPrVWqxUpnLyacHKVTTz9uivDhopk4st4dwg4so812SO6Ev1W3WXS8Pd7+Q1WZDK/h+rU1nBvE+lFCYM8ifnt6z/PwOqlSePvDrc42W//m1Mj1GXO9VcumxXoEZhXHuhzv0Li8uOLqxmxjdtc7tImn2nY1a5DKY; 4:Yb6V4GCrfe7xemkW1Ery014lU9sVd5CAwLqEi8WdxUy4iOt2QbwGrQZ/qolfWmvj6oxT/wk5i40ezb5xIcJRnvE9muAuxf27aMI+kqpYT/og71IdHLgS6URecvtGGIrCagwqy11XC+AwXouz5XhOmg5MYMiS9JPZAY1AOpl03ivCU533bS+CrvLklrgftMyaUpiweXgFvur23CfyFNod1ENTIEeAuxWGUYuDAToOX8MdmUnYnMYieC0uTmsWj8KJIXyuOcYcl2NM33a+8KBfBc5ZTTEJIhlcEyUYt91rjIUsbb1Lf+fSzYgMoqzWjZeM X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(185117386973197); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(823301075)(3231311)(944501410)(52105095)(10201501046)(3002001)(93006095)(93001095)(6055026)(149027)(150027)(6041310)(20161123560045)(20161123558120)(20161123564045)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699016); SRVR:VI1PR0401MB2541; BCL:0; PCL:0; RULEID:; SRVR:VI1PR0401MB2541; X-Forefront-PRVS: 07807C55DC X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(376002)(396003)(346002)(39860400002)(136003)(366004)(189003)(199004)(316002)(486006)(106356001)(47776003)(16526019)(53936002)(6916009)(6666003)(186003)(26005)(386003)(5009440100003)(6506007)(52116002)(2351001)(956004)(76176011)(66066001)(446003)(51416003)(6512007)(11346002)(6486002)(16586007)(97736004)(86362001)(575784001)(4326008)(44832011)(25786009)(68736007)(105586002)(2616005)(305945005)(2906002)(14444005)(3846002)(6116002)(5660300001)(476003)(81166006)(478600001)(48376002)(8936002)(81156014)(7736002)(8676002)(50466002)(50226002)(2361001)(36756003)(110426005); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0401MB2541; H:bf-netperf1.ap.freescale.net; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; VI1PR0401MB2541; 23:Lml/g3HnfNzK6WxVOoFLe9XLYd/m8mMm/PO292g?= XY+PNvmCGTCYcZtr64Pj9exDtbxSNcDbRdnCY8b7YxZqQbaGo8rMS4EIS6wro5tHSKJe7BdwaDBfs5WpSLaGNAl4oU+eGab/TVje2MOVOzv1GKuujGe9N2DxMpXpiT6bSDf3PaCFwxXiCHudJb+L9Z3FOkpm949xVlH17G917WkThGTiSZRuG1lPMvteA2/Lmha/NCDFVQYRZ+Mf7ayl3P1/z4VBKPr0y1h2To5J3KH6co5LQFFrjbqzYilK/nw+szixNosqh6OKuqUvPyYe1/hU9AHSlENO+jQe9eScBpKsM+iRdYYmPVXl0763+HQZVh/wEZMXp0njjJ5GdbaBws7aQSEAMjQ0mBZmSZJZMz+Lk55J7XDfGyEbROpL1pdd9b+/VCbMjE5pHVFIUgcHT5VlPRDLdYdspN5BmFHCMBW5gbWhKWdVZD+zzfqtWcM7wKN1uqlKUz7T4UBdsTI0jHmBCGJhyoN4tbQnBJ4+CjB+0kKP43ZGps2EhwbFOByOHVUnkBnQL/j0wVrgCXUrEb/uDyphemkTPVt5j/tqEqvJrsKxX+o4b1D7bkmJCwxt6xKIqjfdCT3IVtewjABf/JRkFdVCZW4/SHTp3sUj0tj55+JqKMuF3Jyv6p72VeYrD9QJ+B6uzVCTXOahwB31ljAs23skJYW42Ga+G0jOiH0v+ABXtkt9GcUa4CM9++Hhb8Wg4chlCtxHWtYChORFIuUHLqkvPZFwOI4sqI/3E9gnp3ysQ8kjC8uTXc100bBkVkWCfWDGgd+jUL+N444TiGpxjvxQW+EY2okh4IkklfZ1IvGK/Rz1r/IoLIfNkUDUkqLJStNmVY95Cwj4lT0K0BnfjcaIaSuvJanZTiFHq/0u7oeZhTfF6TeJpYWBsAYDH9Ts0BvVaaC0qo5akupApvZUkyP+zjS4rvC84B/czYHWpxlnU2baEzBW4OXtHR1yf77sm6+EnZdi2EV2fJ7rzZxNMRn3FZT55LWTttskupCIIwsBmbZl+sC4oMr9qh6VNIhWwd8hhzK9Ddqz42wTAc50i3TcLDUNde3XY1nL4MGLNpljsrbxAdso6i465ghUcTHVBvVH6w/KoDd6P3hgDIFSYv2sDGGjY9ekqNbJtySODlOC53HpJaE0Nx9Raoi4QB9+/MZQfqNuJW+vs9ni2pNUse2jkCHAgleFyZn/IJuTQI5tYvrYL4qpBdYELrSqdta5jaq88/jUR5FDdnv77KggJJFcDPV59+gcgn7OuVrd7+M/mVj50LXvK8NZL0btu7+n9eKz88Lm9cMY5Pd2RZj6j X-Microsoft-Antispam-Message-Info: 9faWKXC7Mue/lnNZtSiYLOXb/rje0bewHC2V00AkSeGe4ESatXXOzlQhIAjtIB54pNTD8DwOzsd7OhWl84CDEMSjb7JK5qqZyOPmg1kET+cL5sY+cvN657LAHumVnPHXTTOHjO0jtHCxIJzP57/73KsMvscdSoKrREvZBfLN9I0ZN//syAG3O+2HKJ/8rep4050bW7hAaAQpGDRAuvOojqWiKbK/F4WijHwXs7mwxyrV1kuirRngzGD2RKpaKSvtUk6JSx0E2AlEPuFFMqWILgWfqCzmBU/1iwFdMSSI/ugahLcJZRf3nXqbxjHOecjzP3EAisAx5lkfo/bOc4LFKrrvGsWIfD0irAhbutE23b4= X-Microsoft-Exchange-Diagnostics: 1; VI1PR0401MB2541; 6:CZ4gKYWtGtkxo1G0zMZe0IbSmdaesjpBV3BSzOsr0fh7O/mo/9SwwQzSiWNgDSJt/Wam9Po58kMNPYky2l2Bd1LkItB8KlVRlw9xpAg+71dJVCZ3nkyKeDxEnRKZ0fEjsaYo8GqOfQWKrBvnBOqJcS9JogABjGoeIyG/eD3x+7lTRga+F7zmDMcJtNH+Xit7QULA1MThmmVNzBig3qQFCX0mTS+NnH0Zn5mwPmq9DZ9V68ykumKe4YTCfnWUX/e03jX63Az7fFXsbuOukClzgd3AZ3A6PdF2OD56clqKOvbiDAdzD7cZaQaxdAu2GrWnLDlI2kVjSm7FUziY1Nuhez5WrgjtFl5ndrAQHFmF3usHOHqoXhSDopSEMZGY7J9jns7VSX36LbCPDPRwTXGC8gC4J0mrKNnYZkk6a3yvmpoDZWeMBVYsXZoV/SH4LCzj45VnD2C/Str0jMDPA3zquQ==; 5:PlTa+LIYFzaQBiy+1sO28niWZ3OkymQjKhgVWSZKFOxp+dsFSBPe9r0/68VxS3fjS+WgFSoTpHEMGKQw8KRxLl8n7m5/XhNy8Tr8/FLAVFhqUzcY4H1thoRwBVXabkMM9oHvFTsFncEcRKLHYiXWEiVBPgMTY9r59nkdmj+L2MA=; 7:DZx7i8Hh5cm567P0XFg4JrELwU4F27/VF0iiajx4Rz9aNg7vSsyVFS/rt1e98Pls5fTMhqp+21xTmAxduok02MfvsqQqS70jN7YwkY1AbR2yWaVhc9zrT9l0wer/nCVY4QknskeGfDKAmw9AYM9jBmdBAHe1CgL9KTrmKi3Wh351ZnmUcZ2GN+qiqLflIsl8IKrs0ll0avIeFJ/KWGAgMeSgvKuTnDzVmjRjxsTIGMs7p7NmhUF9+46tgHyRBLNQ SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Aug 2018 05:53:18.9520 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: da31737c-b49b-4149-38c2-08d60e3ce36b X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0401MB2541 Subject: [dpdk-dev] [PATCH 10/10] crypto/dpaa_sec: ipsec offload add null algo support X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Signed-off-by: Hemant Agrawal --- drivers/crypto/dpaa_sec/dpaa_sec.c | 284 +++++++++++++++++++++---------------- 1 file changed, 165 insertions(+), 119 deletions(-) diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index e5b18df..2f0a5d2 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -275,6 +275,9 @@ caam_auth_alg(dpaa_sec_session *ses, struct alginfo *alginfo_a) { switch (ses->auth_alg) { case RTE_CRYPTO_AUTH_NULL: + alginfo_a->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_HMAC_NULL : 0; ses->digest_length = 0; break; case RTE_CRYPTO_AUTH_MD5_HMAC: @@ -323,6 +326,9 @@ caam_cipher_alg(dpaa_sec_session *ses, struct alginfo *alginfo_c) { switch (ses->cipher_alg) { case RTE_CRYPTO_CIPHER_NULL: + alginfo_c->algtype = + (ses->proto_alg == RTE_SECURITY_PROTOCOL_IPSEC) ? + OP_PCL_IPSEC_NULL : 0; break; case RTE_CRYPTO_CIPHER_AES_CBC: alginfo_c->algtype = @@ -360,6 +366,87 @@ caam_aead_alg(dpaa_sec_session *ses, struct alginfo *alginfo) } } +/* prepare ipsec proto command block of the session */ +static int +dpaa_sec_prep_ipsec_cdb(dpaa_sec_session *ses) +{ + struct alginfo cipherdata = {0}, authdata = {0}; + struct sec_cdb *cdb = &ses->cdb; + int32_t shared_desc_len = 0; + int err; +#if RTE_BYTE_ORDER == RTE_BIG_ENDIAN + int swap = false; +#else + int swap = true; +#endif + + caam_cipher_alg(ses, &cipherdata); + if (cipherdata.algtype == (unsigned int)DPAA_SEC_ALG_UNSUPPORT) { + DPAA_SEC_ERR("not supported cipher alg"); + return -ENOTSUP; + } + + cipherdata.key = (size_t)ses->cipher_key.data; + cipherdata.keylen = ses->cipher_key.length; + cipherdata.key_enc_flags = 0; + cipherdata.key_type = RTA_DATA_IMM; + + caam_auth_alg(ses, &authdata); + if (authdata.algtype == (unsigned int)DPAA_SEC_ALG_UNSUPPORT) { + DPAA_SEC_ERR("not supported auth alg"); + return -ENOTSUP; + } + + authdata.key = (size_t)ses->auth_key.data; + authdata.keylen = ses->auth_key.length; + authdata.key_enc_flags = 0; + authdata.key_type = RTA_DATA_IMM; + + cdb->sh_desc[0] = cipherdata.keylen; + cdb->sh_desc[1] = authdata.keylen; + err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, + MIN_JOB_DESC_SIZE, + (unsigned int *)cdb->sh_desc, + &cdb->sh_desc[2], 2); + + if (err < 0) { + DPAA_SEC_ERR("Crypto: Incorrect key lengths"); + return err; + } + if (cdb->sh_desc[2] & 1) + cipherdata.key_type = RTA_DATA_IMM; + else { + cipherdata.key = (size_t)dpaa_mem_vtop( + (void *)(size_t)cipherdata.key); + cipherdata.key_type = RTA_DATA_PTR; + } + if (cdb->sh_desc[2] & (1<<1)) + authdata.key_type = RTA_DATA_IMM; + else { + authdata.key = (size_t)dpaa_mem_vtop( + (void *)(size_t)authdata.key); + authdata.key_type = RTA_DATA_PTR; + } + + cdb->sh_desc[0] = 0; + cdb->sh_desc[1] = 0; + cdb->sh_desc[2] = 0; + if (ses->dir == DIR_ENC) { + shared_desc_len = cnstr_shdsc_ipsec_new_encap( + cdb->sh_desc, + true, swap, SHR_SERIAL, + &ses->encap_pdb, + (uint8_t *)&ses->ip4_hdr, + &cipherdata, &authdata); + } else if (ses->dir == DIR_DEC) { + shared_desc_len = cnstr_shdsc_ipsec_new_decap( + cdb->sh_desc, + true, swap, SHR_SERIAL, + &ses->decap_pdb, + &cipherdata, &authdata); + } + return shared_desc_len; +} /* prepare command block of the session */ static int @@ -377,7 +464,9 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses) memset(cdb, 0, sizeof(struct sec_cdb)); - if (is_cipher_only(ses)) { + if (is_proto_ipsec(ses)) { + shared_desc_len = dpaa_sec_prep_ipsec_cdb(ses); + } else if (is_cipher_only(ses)) { caam_cipher_alg(ses, &alginfo_c); if (alginfo_c.algtype == (unsigned int)DPAA_SEC_ALG_UNSUPPORT) { DPAA_SEC_ERR("not supported cipher alg"); @@ -485,30 +574,13 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses) cdb->sh_desc[0] = 0; cdb->sh_desc[1] = 0; cdb->sh_desc[2] = 0; - if (is_proto_ipsec(ses)) { - if (ses->dir == DIR_ENC) { - shared_desc_len = cnstr_shdsc_ipsec_new_encap( - cdb->sh_desc, - true, swap, SHR_SERIAL, - &ses->encap_pdb, - (uint8_t *)&ses->ip4_hdr, - &alginfo_c, &alginfo_a); - } else if (ses->dir == DIR_DEC) { - shared_desc_len = cnstr_shdsc_ipsec_new_decap( - cdb->sh_desc, - true, swap, SHR_SERIAL, - &ses->decap_pdb, - &alginfo_c, &alginfo_a); - } - } else { - /* Auth_only_len is set as 0 here and it will be - * overwritten in fd for each packet. - */ - shared_desc_len = cnstr_shdsc_authenc(cdb->sh_desc, - true, swap, &alginfo_c, &alginfo_a, - ses->iv.length, 0, - ses->digest_length, ses->dir); - } + /* Auth_only_len is set as 0 here and it will be + * overwritten in fd for each packet. + */ + shared_desc_len = cnstr_shdsc_authenc(cdb->sh_desc, + true, swap, &alginfo_c, &alginfo_a, + ses->iv.length, 0, + ses->digest_length, ses->dir); } if (shared_desc_len < 0) { @@ -1465,7 +1537,9 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, auth_only_len = op->sym->auth.data.length - op->sym->cipher.data.length; if (rte_pktmbuf_is_contiguous(op->sym->m_src)) { - if (is_auth_only(ses)) { + if (is_proto_ipsec(ses)) { + cf = build_proto(op, ses); + } else if (is_auth_only(ses)) { cf = build_auth_only(op, ses); } else if (is_cipher_only(ses)) { cf = build_cipher_only(op, ses); @@ -1474,8 +1548,6 @@ dpaa_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, auth_only_len = ses->auth_only_len; } else if (is_auth_cipher(ses)) { cf = build_cipher_auth(op, ses); - } else if (is_proto_ipsec(ses)) { - cf = build_proto(op, ses); } else { DPAA_SEC_DP_ERR("not supported ops"); frames_to_send = loop; @@ -1898,8 +1970,8 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev, { struct dpaa_sec_dev_private *internals = dev->data->dev_private; struct rte_security_ipsec_xform *ipsec_xform = &conf->ipsec; - struct rte_crypto_auth_xform *auth_xform; - struct rte_crypto_cipher_xform *cipher_xform; + struct rte_crypto_auth_xform *auth_xform = NULL; + struct rte_crypto_cipher_xform *cipher_xform = NULL; dpaa_sec_session *session = (dpaa_sec_session *)sess; PMD_INIT_FUNC_TRACE(); @@ -1907,103 +1979,77 @@ dpaa_sec_set_ipsec_session(__rte_unused struct rte_cryptodev *dev, memset(session, 0, sizeof(dpaa_sec_session)); if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) { cipher_xform = &conf->crypto_xform->cipher; - auth_xform = &conf->crypto_xform->next->auth; + if (conf->crypto_xform->next) + auth_xform = &conf->crypto_xform->next->auth; } else { auth_xform = &conf->crypto_xform->auth; - cipher_xform = &conf->crypto_xform->next->cipher; + if (conf->crypto_xform->next) + cipher_xform = &conf->crypto_xform->next->cipher; } session->proto_alg = conf->protocol; - session->cipher_key.data = rte_zmalloc(NULL, - cipher_xform->key.length, - RTE_CACHE_LINE_SIZE); - if (session->cipher_key.data == NULL && - cipher_xform->key.length > 0) { - DPAA_SEC_ERR("No Memory for cipher key"); - return -ENOMEM; - } - session->cipher_key.length = cipher_xform->key.length; - session->auth_key.data = rte_zmalloc(NULL, - auth_xform->key.length, - RTE_CACHE_LINE_SIZE); - if (session->auth_key.data == NULL && - auth_xform->key.length > 0) { - DPAA_SEC_ERR("No Memory for auth key"); - rte_free(session->cipher_key.data); - return -ENOMEM; + if (cipher_xform && cipher_xform->algo != RTE_CRYPTO_CIPHER_NULL) { + session->cipher_key.data = rte_zmalloc(NULL, + cipher_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->cipher_key.data == NULL && + cipher_xform->key.length > 0) { + DPAA_SEC_ERR("No Memory for cipher key"); + return -ENOMEM; + } + memcpy(session->cipher_key.data, cipher_xform->key.data, + cipher_xform->key.length); + session->cipher_key.length = cipher_xform->key.length; + + switch (cipher_xform->algo) { + case RTE_CRYPTO_CIPHER_AES_CBC: + case RTE_CRYPTO_CIPHER_3DES_CBC: + case RTE_CRYPTO_CIPHER_AES_CTR: + break; + default: + DPAA_SEC_ERR("Crypto: Unsupported Cipher alg %u", + cipher_xform->algo); + goto out; + } + session->cipher_alg = cipher_xform->algo; + } else { + session->cipher_key.data = NULL; + session->cipher_key.length = 0; + session->cipher_alg = RTE_CRYPTO_CIPHER_NULL; } - session->auth_key.length = auth_xform->key.length; - memcpy(session->cipher_key.data, cipher_xform->key.data, - cipher_xform->key.length); - memcpy(session->auth_key.data, auth_xform->key.data, - auth_xform->key.length); - switch (auth_xform->algo) { - case RTE_CRYPTO_AUTH_SHA1_HMAC: - session->auth_alg = RTE_CRYPTO_AUTH_SHA1_HMAC; - break; - case RTE_CRYPTO_AUTH_MD5_HMAC: - session->auth_alg = RTE_CRYPTO_AUTH_MD5_HMAC; - break; - case RTE_CRYPTO_AUTH_SHA256_HMAC: - session->auth_alg = RTE_CRYPTO_AUTH_SHA256_HMAC; - break; - case RTE_CRYPTO_AUTH_SHA384_HMAC: - session->auth_alg = RTE_CRYPTO_AUTH_SHA384_HMAC; - break; - case RTE_CRYPTO_AUTH_SHA512_HMAC: - session->auth_alg = RTE_CRYPTO_AUTH_SHA512_HMAC; - break; - case RTE_CRYPTO_AUTH_AES_CMAC: - session->auth_alg = RTE_CRYPTO_AUTH_AES_CMAC; - break; - case RTE_CRYPTO_AUTH_NULL: + if (auth_xform && auth_xform->algo != RTE_CRYPTO_AUTH_NULL) { + session->auth_key.data = rte_zmalloc(NULL, + auth_xform->key.length, + RTE_CACHE_LINE_SIZE); + if (session->auth_key.data == NULL && + auth_xform->key.length > 0) { + DPAA_SEC_ERR("No Memory for auth key"); + rte_free(session->cipher_key.data); + return -ENOMEM; + } + memcpy(session->auth_key.data, auth_xform->key.data, + auth_xform->key.length); + session->auth_key.length = auth_xform->key.length; + + switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_SHA1_HMAC: + case RTE_CRYPTO_AUTH_MD5_HMAC: + case RTE_CRYPTO_AUTH_SHA256_HMAC: + case RTE_CRYPTO_AUTH_SHA384_HMAC: + case RTE_CRYPTO_AUTH_SHA512_HMAC: + case RTE_CRYPTO_AUTH_AES_CMAC: + break; + default: + DPAA_SEC_ERR("Crypto: Unsupported auth alg %u", + auth_xform->algo); + goto out; + } + session->auth_alg = auth_xform->algo; + } else { + session->auth_key.data = NULL; + session->auth_key.length = 0; session->auth_alg = RTE_CRYPTO_AUTH_NULL; - break; - case RTE_CRYPTO_AUTH_SHA224_HMAC: - case RTE_CRYPTO_AUTH_AES_XCBC_MAC: - case RTE_CRYPTO_AUTH_SNOW3G_UIA2: - case RTE_CRYPTO_AUTH_SHA1: - case RTE_CRYPTO_AUTH_SHA256: - case RTE_CRYPTO_AUTH_SHA512: - case RTE_CRYPTO_AUTH_SHA224: - case RTE_CRYPTO_AUTH_SHA384: - case RTE_CRYPTO_AUTH_MD5: - case RTE_CRYPTO_AUTH_AES_GMAC: - case RTE_CRYPTO_AUTH_KASUMI_F9: - case RTE_CRYPTO_AUTH_AES_CBC_MAC: - case RTE_CRYPTO_AUTH_ZUC_EIA3: - DPAA_SEC_ERR("Crypto: Unsupported auth alg %u", - auth_xform->algo); - goto out; - default: - DPAA_SEC_ERR("Crypto: Undefined Auth specified %u", - auth_xform->algo); - goto out; - } - - switch (cipher_xform->algo) { - case RTE_CRYPTO_CIPHER_AES_CBC: - session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CBC; - break; - case RTE_CRYPTO_CIPHER_3DES_CBC: - session->cipher_alg = RTE_CRYPTO_CIPHER_3DES_CBC; - break; - case RTE_CRYPTO_CIPHER_AES_CTR: - session->cipher_alg = RTE_CRYPTO_CIPHER_AES_CTR; - break; - case RTE_CRYPTO_CIPHER_NULL: - case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: - case RTE_CRYPTO_CIPHER_3DES_ECB: - case RTE_CRYPTO_CIPHER_AES_ECB: - case RTE_CRYPTO_CIPHER_KASUMI_F8: - DPAA_SEC_ERR("Crypto: Unsupported Cipher alg %u", - cipher_xform->algo); - goto out; - default: - DPAA_SEC_ERR("Crypto: Undefined Cipher specified %u", - cipher_xform->algo); - goto out; } if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {