Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/130747/?format=api
{ "id": 130747, "url": "https://patches.dpdk.org/api/patches/130747/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/20230825084135.3430358-1-brian.dooley@intel.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20230825084135.3430358-1-brian.dooley@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20230825084135.3430358-1-brian.dooley@intel.com", "date": "2023-08-25T08:41:35", "name": "[v3] crypto/ipsec_mb: add digest encrypted feature", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "4912b823aa5b691814a21bd85d818730340f72e2", "submitter": { "id": 2520, "url": "https://patches.dpdk.org/api/people/2520/?format=api", "name": "Dooley, Brian", "email": "brian.dooley@intel.com" }, "delegate": { "id": 6690, "url": "https://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "https://patches.dpdk.org/project/dpdk/patch/20230825084135.3430358-1-brian.dooley@intel.com/mbox/", "series": [ { "id": 29340, "url": "https://patches.dpdk.org/api/series/29340/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=29340", "date": "2023-08-25T08:41:35", "name": "[v3] crypto/ipsec_mb: add digest encrypted feature", "version": 3, "mbox": "https://patches.dpdk.org/series/29340/mbox/" } ], "comments": "https://patches.dpdk.org/api/patches/130747/comments/", "check": "success", "checks": "https://patches.dpdk.org/api/patches/130747/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id EFA17430FE;\n\tFri, 25 Aug 2023 10:41:46 +0200 (CEST)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id DA38D40A7A;\n\tFri, 25 Aug 2023 10:41:46 +0200 (CEST)", "from mgamail.intel.com (mgamail.intel.com [192.55.52.136])\n by mails.dpdk.org (Postfix) with ESMTP id E5BAF40695\n for <dev@dpdk.org>; Fri, 25 Aug 2023 10:41:44 +0200 (CEST)", "from fmsmga008.fm.intel.com ([10.253.24.58])\n by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 25 Aug 2023 01:41:39 -0700", "from silpixa00400883.ir.intel.com ([10.243.22.155])\n by fmsmga008.fm.intel.com with ESMTP; 25 Aug 2023 01:41:38 -0700" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple;\n d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n t=1692952905; x=1724488905;\n h=from:to:cc:subject:date:message-id:in-reply-to:\n references:mime-version:content-transfer-encoding;\n bh=FD3E2OE2fE3rgaQGtE3ILaFPK1fTfFTygsRCG7xC56Y=;\n b=amw0Cf7Uz2+A/6/qIlkWts3H/vWsTGEWgq87iRiyTF85AS4BY1vW8Huy\n 81Yp7W6tpP3wsNBTCumZq6YGMxBo2BpGwwGBuNCWdEsnaiH6RVk1WB09B\n /SAS8AyVTYL7xmxu0iZ0NGQ0m7hK2fz/P0HchVgH/P9BqMRBy9Pg0zHp+\n f1apHCtZfhoSf1k127YkCfK8Bl+4ntg+fphZQmAQjRMAhavlpmKhqx1NY\n jzzxJQAfM+Ny4rSzMcfkoy6YN5IGUWojBHlPAk+Y0PQ/vmfUhUULjX0Kp\n /O3Z77xW/oKtkWLFdMIuy57igcZyMHf0aUTs4VTkeQmJEnNnN+ysoMRkT A==;", "X-IronPort-AV": [ "E=McAfee;i=\"6600,9927,10812\"; a=\"354195531\"", "E=Sophos;i=\"6.02,195,1688454000\"; d=\"scan'208\";a=\"354195531\"", "E=McAfee;i=\"6600,9927,10812\"; a=\"802894069\"", "E=Sophos;i=\"6.02,195,1688454000\"; d=\"scan'208\";a=\"802894069\"" ], "X-ExtLoop1": "1", "From": "Brian Dooley <brian.dooley@intel.com>", "To": "Kai Ji <kai.ji@intel.com>, Pablo de Lara <pablo.de.lara.guarch@intel.com>", "Cc": "dev@dpdk.org,\n\tgakhil@marvell.com,\n\tBrian Dooley <brian.dooley@intel.com>", "Subject": "[PATCH v3] crypto/ipsec_mb: add digest encrypted feature", "Date": "Fri, 25 Aug 2023 08:41:35 +0000", "Message-Id": "<20230825084135.3430358-1-brian.dooley@intel.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20230821144234.3249892-1-brian.dooley@intel.com>", "References": "<20230821144234.3249892-1-brian.dooley@intel.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "AESNI_MB PMD does not support Digest Encrypted. This patch adds a check and\nsupport for this feature.\n\nSigned-off-by: Brian Dooley <brian.dooley@intel.com>\n---\nv2:\nFixed CHECKPATCH warning\nv3:\nAdd Digest encrypted support to docs\n---\n doc/guides/cryptodevs/features/aesni_mb.ini | 1 +\n drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 107 +++++++++++++++++++-\n 2 files changed, 103 insertions(+), 5 deletions(-)", "diff": "diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini\nindex e4e965c35a..8df5fa2c85 100644\n--- a/doc/guides/cryptodevs/features/aesni_mb.ini\n+++ b/doc/guides/cryptodevs/features/aesni_mb.ini\n@@ -20,6 +20,7 @@ OOP LB In LB Out = Y\n CPU crypto = Y\n Symmetric sessionless = Y\n Non-Byte aligned data = Y\n+Digest encrypted = Y\n \n ;\n ; Supported crypto algorithms of the 'aesni_mb' crypto driver.\ndiff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\nindex 9e298023d7..66f3c82e80 100644\n--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c\n@@ -1438,6 +1438,54 @@ set_gcm_job(IMB_MGR *mb_mgr, IMB_JOB *job, const uint8_t sgl,\n \treturn 0;\n }\n \n+/** Check if conditions are met for digest-appended operations */\n+static uint8_t *\n+aesni_mb_digest_appended_in_src(struct rte_crypto_op *op, IMB_JOB *job,\n+\t\tuint32_t oop)\n+{\n+\tunsigned int auth_size, cipher_size;\n+\tuint8_t *end_cipher;\n+\tuint8_t *start_cipher;\n+\n+\tif (job->cipher_mode == IMB_CIPHER_NULL)\n+\t\treturn NULL;\n+\n+\tif (job->cipher_mode == IMB_CIPHER_ZUC_EEA3 ||\n+\t\tjob->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN ||\n+\t\tjob->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN) {\n+\t\tcipher_size = (op->sym->cipher.data.offset >> 3) +\n+\t\t\t(op->sym->cipher.data.length >> 3);\n+\t} else {\n+\t\tcipher_size = (op->sym->cipher.data.offset) +\n+\t\t\t(op->sym->cipher.data.length);\n+\t}\n+\tif (job->hash_alg == IMB_AUTH_ZUC_EIA3_BITLEN ||\n+\t\tjob->hash_alg == IMB_AUTH_SNOW3G_UIA2_BITLEN ||\n+\t\tjob->hash_alg == IMB_AUTH_KASUMI_UIA1 ||\n+\t\tjob->hash_alg == IMB_AUTH_ZUC256_EIA3_BITLEN) {\n+\t\tauth_size = (op->sym->auth.data.offset >> 3) +\n+\t\t\t(op->sym->auth.data.length >> 3);\n+\t} else {\n+\t\tauth_size = (op->sym->auth.data.offset) +\n+\t\t\t(op->sym->auth.data.length);\n+\t}\n+\n+\tif (!oop) {\n+\t\tend_cipher = rte_pktmbuf_mtod_offset(op->sym->m_src, uint8_t *, cipher_size);\n+\t\tstart_cipher = rte_pktmbuf_mtod(op->sym->m_src, uint8_t *);\n+\t} else {\n+\t\tend_cipher = rte_pktmbuf_mtod_offset(op->sym->m_dst, uint8_t *, cipher_size);\n+\t\tstart_cipher = rte_pktmbuf_mtod(op->sym->m_dst, uint8_t *);\n+\t}\n+\n+\tif (start_cipher < op->sym->auth.digest.data &&\n+\t\top->sym->auth.digest.data < end_cipher) {\n+\t\treturn rte_pktmbuf_mtod_offset(op->sym->m_src, uint8_t *, auth_size);\n+\t} else {\n+\t\treturn NULL;\n+\t}\n+}\n+\n /**\n * Process a crypto operation and complete a IMB_JOB job structure for\n * submission to the multi buffer library for processing.\n@@ -1580,9 +1628,12 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,\n \t} else {\n \t\tif (aead)\n \t\t\tjob->auth_tag_output = op->sym->aead.digest.data;\n-\t\telse\n-\t\t\tjob->auth_tag_output = op->sym->auth.digest.data;\n-\n+\t\telse {\n+\t\t\tjob->auth_tag_output = aesni_mb_digest_appended_in_src(op, job, oop);\n+\t\t\tif (job->auth_tag_output == NULL) {\n+\t\t\t\tjob->auth_tag_output = op->sym->auth.digest.data;\n+\t\t\t}\n+\t\t}\n \t\tif (session->auth.req_digest_len !=\n \t\t\t\tjob->auth_tag_output_len_in_bytes) {\n \t\t\tjob->auth_tag_output =\n@@ -1917,6 +1968,7 @@ post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)\n \tstruct aesni_mb_session *sess = NULL;\n \tuint8_t *linear_buf = NULL;\n \tint sgl = 0;\n+\tuint8_t oop = 0;\n \tuint8_t is_docsis_sec = 0;\n \n \tif (op->sess_type == RTE_CRYPTO_OP_SECURITY_SESSION) {\n@@ -1962,8 +2014,52 @@ post_process_mb_job(struct ipsec_mb_qp *qp, IMB_JOB *job)\n \t\t\t\t\t\top->sym->auth.digest.data,\n \t\t\t\t\t\tsess->auth.req_digest_len,\n \t\t\t\t\t\t&op->status);\n-\t\t\t} else\n+\t\t\t} else {\n+\t\t\t\tif (!op->sym->m_dst || op->sym->m_dst == op->sym->m_src) {\n+\t\t\t\t\t/* in-place operation */\n+\t\t\t\t\toop = 0;\n+\t\t\t\t} else { /* out-of-place operation */\n+\t\t\t\t\toop = 1;\n+\t\t\t\t}\n+\n+\t\t\t\tif (op->sym->m_src->nb_segs == 1 && op->sym->m_dst != NULL\n+\t\t\t\t&& !is_aead_algo(job->hash_alg,\tsess->template_job.cipher_mode) &&\n+\t\t\t\taesni_mb_digest_appended_in_src(op, job, oop) != NULL) {\n+\t\t\t\t\tunsigned int auth_size, cipher_size;\n+\t\t\t\t\tint unencrypted_bytes = 0;\n+\t\t\t\t\tif (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN ||\n+\t\t\t\t\t\tjob->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN ||\n+\t\t\t\t\t\tjob->cipher_mode == IMB_CIPHER_ZUC_EEA3) {\n+\t\t\t\t\t\tcipher_size = (op->sym->cipher.data.offset >> 3) +\n+\t\t\t\t\t\t\t(op->sym->cipher.data.length >> 3);\n+\t\t\t\t\t} else {\n+\t\t\t\t\t\tcipher_size = (op->sym->cipher.data.offset) +\n+\t\t\t\t\t\t\t(op->sym->cipher.data.length);\n+\t\t\t\t\t}\n+\t\t\t\t\tif (job->hash_alg == IMB_AUTH_ZUC_EIA3_BITLEN ||\n+\t\t\t\t\t\tjob->hash_alg == IMB_AUTH_SNOW3G_UIA2_BITLEN ||\n+\t\t\t\t\t\tjob->hash_alg == IMB_AUTH_KASUMI_UIA1 ||\n+\t\t\t\t\t\tjob->hash_alg == IMB_AUTH_ZUC256_EIA3_BITLEN) {\n+\t\t\t\t\t\tauth_size = (op->sym->auth.data.offset >> 3) +\n+\t\t\t\t\t\t\t(op->sym->auth.data.length >> 3);\n+\t\t\t\t\t} else {\n+\t\t\t\t\t\tauth_size = (op->sym->auth.data.offset) +\n+\t\t\t\t\t\t(op->sym->auth.data.length);\n+\t\t\t\t\t}\n+\t\t\t\t\tif (job->cipher_mode != IMB_CIPHER_NULL) {\n+\t\t\t\t\t\tunencrypted_bytes =\tauth_size +\n+\t\t\t\t\t\tjob->auth_tag_output_len_in_bytes - cipher_size;\n+\t\t\t\t\t}\n+\t\t\t\t\tif (unencrypted_bytes > 0)\n+\t\t\t\t\t\trte_memcpy(\n+\t\t\t\t\t\trte_pktmbuf_mtod_offset(\n+\t\t\t\t\t\t\top->sym->m_dst, uint8_t *, cipher_size),\n+\t\t\t\t\t\trte_pktmbuf_mtod_offset(\n+\t\t\t\t\t\t\top->sym->m_src, uint8_t *, cipher_size),\n+\t\t\t\t\t\tunencrypted_bytes);\n+\t\t\t\t}\n \t\t\t\tgenerate_digest(job, op, sess);\n+\t\t\t}\n \t\t\tbreak;\n \t\tdefault:\n \t\t\top->status = RTE_CRYPTO_OP_STATUS_ERROR;\n@@ -2555,7 +2651,8 @@ RTE_INIT(ipsec_mb_register_aesni_mb)\n \t\t\tRTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |\n \t\t\tRTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |\n \t\t\tRTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |\n-\t\t\tRTE_CRYPTODEV_FF_SECURITY;\n+\t\t\tRTE_CRYPTODEV_FF_SECURITY |\n+\t\t\tRTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;\n \n \taesni_mb_data->internals_priv_size = 0;\n \taesni_mb_data->ops = &aesni_mb_pmd_ops;\n", "prefixes": [ "v3" ] }