diff mbox series

[06/12] crypto/cnxk: handle the extra len reported by microcode

Message ID 20240314083844.3319506-7-vvelumuri@marvell.com (mailing list archive)
State Superseded, archived
Delegated to: akhil goyal
Headers
Series Add TLS features |

Checks

Context Check Description
ci/checkpatch success coding style OK

Commit Message

Vidya Sagar Velumuri March 14, 2024, 8:38 a.m. UTC 
  Microcode reports one extra byte in response len specifically for
AES-GCM in TLS-1.3. Handle the extra byte in PMD by decreasing
the length by 1 byte.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 drivers/crypto/cnxk/cn10k_cryptodev_ops.c | 9 ++++++---
 drivers/crypto/cnxk/cn10k_cryptodev_sec.h | 3 ++-
 drivers/crypto/cnxk/cn10k_tls.c           | 4 ++++
 3 files changed, 12 insertions(+), 4 deletions(-)
diff mbox series

Patch

diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
index 8991150c05..f385550f68 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_ops.c
@@ -989,12 +989,15 @@  cn10k_cpt_ipsec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *
 }
 
 static inline void
-cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res)
+cn10k_cpt_tls_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *res,
+			   struct cn10k_sec_session *sess)
 {
 	struct rte_mbuf *mbuf = cop->sym->m_src;
-	const uint16_t m_len = res->rlen;
+	uint16_t m_len = res->rlen;
 
 	if (!res->uc_compcode) {
+		if ((sess->tls.tls_ver == RTE_SECURITY_VERSION_TLS_1_3) && (!sess->tls.is_write))
+			m_len -= 1;
 		if (mbuf->next == NULL)
 			mbuf->data_len = m_len;
 		mbuf->pkt_len = m_len;
@@ -1015,7 +1018,7 @@  cn10k_cpt_sec_post_process(struct rte_crypto_op *cop, struct cpt_cn10k_res_s *re
 	if (sess->proto == RTE_SECURITY_PROTOCOL_IPSEC)
 		cn10k_cpt_ipsec_post_process(cop, res);
 	else if (sess->proto == RTE_SECURITY_PROTOCOL_TLS_RECORD)
-		cn10k_cpt_tls_post_process(cop, res);
+		cn10k_cpt_tls_post_process(cop, res, sess);
 }
 
 static inline void
diff --git a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
index ec216b1187..7e175119c3 100644
--- a/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
+++ b/drivers/crypto/cnxk/cn10k_cryptodev_sec.h
@@ -37,7 +37,8 @@  struct cn10k_sec_session {
 			uint8_t enable_padding : 1;
 			uint8_t tail_fetch_len : 2;
 			uint8_t is_write : 1;
-			uint8_t rvsd : 4;
+			uint8_t tls_ver : 2;
+			uint8_t rvsd : 2;
 		} tls;
 	};
 	/** Queue pair */
diff --git a/drivers/crypto/cnxk/cn10k_tls.c b/drivers/crypto/cnxk/cn10k_tls.c
index f501fe67ac..fe4da8d2a0 100644
--- a/drivers/crypto/cnxk/cn10k_tls.c
+++ b/drivers/crypto/cnxk/cn10k_tls.c
@@ -610,6 +610,7 @@  cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			 struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_read_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *read_sa;
@@ -659,6 +660,7 @@  cn10k_tls_read_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			ROC_IE_OT_TLS13_MAJOR_OP_RECORD_DEC | ROC_IE_OT_INPLACE_BIT;
 	}
 
+	sec_sess->tls.tls_ver = tls_ver;
 	sec_sess->inst.w4 = inst_w4.u64;
 	sec_sess->inst.w7 = cpt_inst_w7_get(roc_cpt, read_sa);
 
@@ -694,6 +696,7 @@  cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 			  struct cn10k_sec_session *sec_sess)
 {
 	struct roc_ie_ot_tls_write_sa *sa_dptr;
+	uint8_t tls_ver = tls_xfrm->ver;
 	struct cn10k_tls_record *tls;
 	union cpt_inst_w4 inst_w4;
 	void *write_sa;
@@ -727,6 +730,7 @@  cn10k_tls_write_sa_create(struct roc_cpt *roc_cpt, struct roc_cpt_lf *lf,
 		sec_sess->iv_length = crypto_xfrm->next->cipher.iv.length;
 	}
 
+	sec_sess->tls.tls_ver = tls_ver;
 	sec_sess->tls.is_write = 1;
 	sec_sess->tls.enable_padding = tls_xfrm->options.extra_padding_enable;
 	sec_sess->max_extended_len = tls_write_rlens_get(tls_xfrm, crypto_xfrm);