Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/46062/?format=api
https://patches.dpdk.org/api/patches/46062/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/1538652150-2373-2-git-send-email-tomaszx.cel@intel.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<1538652150-2373-2-git-send-email-tomaszx.cel@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/1538652150-2373-2-git-send-email-tomaszx.cel@intel.com", "date": "2018-10-04T11:22:28", "name": "[v2,1/3] crypto/qat: add support AES-CMAC", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "2c6aa971932112acab6b4c983dbdd2e7a4e64f08", "submitter": { "id": 1104, "url": "https://patches.dpdk.org/api/people/1104/?format=api", "name": "Cel, TomaszX", "email": "tomaszx.cel@intel.com" }, "delegate": { "id": 6690, "url": "https://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "https://patches.dpdk.org/project/dpdk/patch/1538652150-2373-2-git-send-email-tomaszx.cel@intel.com/mbox/", "series": [ { "id": 1689, "url": "https://patches.dpdk.org/api/series/1689/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=1689", "date": "2018-10-04T11:22:27", "name": "add AES-CMAC support", "version": 2, "mbox": "https://patches.dpdk.org/series/1689/mbox/" } ], "comments": "https://patches.dpdk.org/api/patches/46062/comments/", "check": "warning", "checks": "https://patches.dpdk.org/api/patches/46062/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@dpdk.org", "Delivered-To": "patchwork@dpdk.org", "Received": [ "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 835B01B276;\n\tThu, 4 Oct 2018 13:22:52 +0200 (CEST)", "from mga02.intel.com (mga02.intel.com [134.134.136.20])\n\tby dpdk.org (Postfix) with ESMTP id 0E1ED1B273;\n\tThu, 4 Oct 2018 13:22:47 +0200 (CEST)", "from orsmga002.jf.intel.com ([10.7.209.21])\n\tby orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t04 Oct 2018 04:22:45 -0700", "from tcelx-mobl.ger.corp.intel.com (HELO localhost.localdomain)\n\t([10.103.104.22])\n\tby orsmga002.jf.intel.com with ESMTP; 04 Oct 2018 04:22:36 -0700" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.54,338,1534834800\"; d=\"scan'208\";a=\"97361536\"", "From": "Tomasz Cel <tomaszx.cel@intel.com>", "To": "dev@dpdk.org", "Cc": "stable@dpdk.org, fiona.trahe@intel.com, akhil.goyal@nxp.com,\n\tmarko.kovacevic@intel.com, arkadiuszx.kusztal@intel.com,\n\tTomasz Cel <tomaszx.cel@intel.com>", "Date": "Thu, 4 Oct 2018 13:22:28 +0200", "Message-Id": "<1538652150-2373-2-git-send-email-tomaszx.cel@intel.com>", "X-Mailer": "git-send-email 2.7.4", "In-Reply-To": "<1538652150-2373-1-git-send-email-tomaszx.cel@intel.com>", "References": "<1538158257-17898-1-git-send-email-tomaszx.cel@intel.com>\n\t<1538652150-2373-1-git-send-email-tomaszx.cel@intel.com>", "Subject": "[dpdk-dev] [PATCH v2 1/3] crypto/qat: add support AES-CMAC", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "This patch add AES-CMAC support. CMAC is a keyed hash function\nthat is based on a symmetric key block cipher. It is One-Key\nCBC MAC improvement over XCBC-MAC. RFC 4493. NIST SP 800-38B.\n\nSigned-off-by: Tomasz Cel <tomaszx.cel@intel.com>\nSigned-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>\n---\n drivers/crypto/qat/qat_sym_session.c | 190 +++++++++++++++++++++++++----------\n drivers/crypto/qat/qat_sym_session.h | 3 +\n 2 files changed, 139 insertions(+), 54 deletions(-)", "diff": "diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c\nindex 1d58220..8196e23 100644\n--- a/drivers/crypto/qat/qat_sym_session.c\n+++ b/drivers/crypto/qat/qat_sym_session.c\n@@ -498,6 +498,7 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev,\n \tstruct qat_sym_dev_private *internals = dev->data->dev_private;\n \tuint8_t *key_data = auth_xform->key.data;\n \tuint8_t key_length = auth_xform->key.length;\n+\tsession->aes_cmac = 0;\n \n \tswitch (auth_xform->algo) {\n \tcase RTE_CRYPTO_AUTH_SHA1_HMAC:\n@@ -518,6 +519,10 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev,\n \tcase RTE_CRYPTO_AUTH_AES_XCBC_MAC:\n \t\tsession->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC;\n \t\tbreak;\n+\tcase RTE_CRYPTO_AUTH_AES_CMAC:\n+\t\tsession->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC;\n+\t\tsession->aes_cmac = 1;\n+\t\tbreak;\n \tcase RTE_CRYPTO_AUTH_AES_GMAC:\n \t\tif (qat_sym_validate_aes_key(auth_xform->key.length,\n \t\t\t\t&session->qat_cipher_alg) != 0) {\n@@ -555,7 +560,6 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev,\n \tcase RTE_CRYPTO_AUTH_SHA224:\n \tcase RTE_CRYPTO_AUTH_SHA384:\n \tcase RTE_CRYPTO_AUTH_MD5:\n-\tcase RTE_CRYPTO_AUTH_AES_CMAC:\n \tcase RTE_CRYPTO_AUTH_AES_CBC_MAC:\n \t\tQAT_LOG(ERR, \"Crypto: Unsupported hash alg %u\",\n \t\t\t\tauth_xform->algo);\n@@ -817,6 +821,8 @@ static int qat_hash_get_digest_size(enum icp_qat_hw_auth_algo qat_hash_alg)\n \t\treturn ICP_QAT_HW_SHA512_STATE1_SZ;\n \tcase ICP_QAT_HW_AUTH_ALGO_MD5:\n \t\treturn ICP_QAT_HW_MD5_STATE1_SZ;\n+\tcase ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC:\n+\t\treturn ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ;\n \tcase ICP_QAT_HW_AUTH_ALGO_DELIMITER:\n \t\t/* return maximum digest size in this case */\n \t\treturn ICP_QAT_HW_SHA512_STATE1_SZ;\n@@ -843,6 +849,8 @@ static int qat_hash_get_block_size(enum icp_qat_hw_auth_algo qat_hash_alg)\n \t\treturn SHA512_CBLOCK;\n \tcase ICP_QAT_HW_AUTH_ALGO_GALOIS_128:\n \t\treturn 16;\n+\tcase ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC:\n+\t\treturn ICP_QAT_HW_AES_BLK_SZ;\n \tcase ICP_QAT_HW_AUTH_ALGO_MD5:\n \t\treturn MD5_CBLOCK;\n \tcase ICP_QAT_HW_AUTH_ALGO_DELIMITER:\n@@ -991,11 +999,28 @@ static int partial_hash_compute(enum icp_qat_hw_auth_algo hash_alg,\n #define HMAC_OPAD_VALUE\t0x5c\n #define HASH_XCBC_PRECOMP_KEY_NUM 3\n \n+static const uint8_t AES_CMAC_SEED[ICP_QAT_HW_AES_128_KEY_SZ];\n+\n+static void aes_cmac_key_derive(uint8_t *base, uint8_t *derived)\n+{\n+\tint i;\n+\n+\tderived[0] = base[0] << 1;\n+\tfor (i = 1; i < ICP_QAT_HW_AES_BLK_SZ ; i++) {\n+\t\tderived[i] = base[i] << 1;\n+\t\tderived[i - 1] |= base[i] >> 7;\n+\t}\n+\n+\tif (base[0] & 0x80)\n+\t\tderived[ICP_QAT_HW_AES_BLK_SZ - 1] ^= QAT_AES_CMAC_CONST_RB;\n+}\n+\n static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,\n \t\t\t\tconst uint8_t *auth_key,\n \t\t\t\tuint16_t auth_keylen,\n \t\t\t\tuint8_t *p_state_buf,\n-\t\t\t\tuint16_t *p_state_len)\n+\t\t\t\tuint16_t *p_state_len,\n+\t\t\t\tuint8_t aes_cmac)\n {\n \tint block_size;\n \tuint8_t ipad[qat_hash_get_block_size(ICP_QAT_HW_AUTH_ALGO_DELIMITER)];\n@@ -1003,47 +1028,91 @@ static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,\n \tint i;\n \n \tif (hash_alg == ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC) {\n-\t\tstatic uint8_t qat_aes_xcbc_key_seed[\n-\t\t\t\t\tICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] = {\n-\t\t\t0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,\n-\t\t\t0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,\n-\t\t\t0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,\n-\t\t\t0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,\n-\t\t\t0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,\n-\t\t\t0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,\n-\t\t};\n \n-\t\tuint8_t *in = NULL;\n-\t\tuint8_t *out = p_state_buf;\n-\t\tint x;\n-\t\tAES_KEY enc_key;\n+\t\t/* CMAC */\n+\t\tif (aes_cmac) {\n+\t\t\tAES_KEY enc_key;\n+\t\t\tuint8_t *in = NULL;\n+\t\t\tuint8_t k0[ICP_QAT_HW_AES_128_KEY_SZ];\n+\t\t\tuint8_t *k1, *k2;\n \n-\t\tin = rte_zmalloc(\"working mem for key\",\n-\t\t\t\tICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ, 16);\n-\t\tif (in == NULL) {\n-\t\t\tQAT_LOG(ERR, \"Failed to alloc memory\");\n-\t\t\treturn -ENOMEM;\n-\t\t}\n+\t\t\tauth_keylen = ICP_QAT_HW_AES_128_KEY_SZ;\n+\n+\t\t\tin = rte_zmalloc(\"AES CMAC K1\",\n+\t\t\t\t\t ICP_QAT_HW_AES_128_KEY_SZ, 16);\n+\n+\t\t\tif (in == NULL) {\n+\t\t\t\tQAT_LOG(ERR, \"Failed to alloc memory\");\n+\t\t\t\treturn -ENOMEM;\n+\t\t\t}\n+\n+\t\t\trte_memcpy(in, AES_CMAC_SEED,\n+\t\t\t\t ICP_QAT_HW_AES_128_KEY_SZ);\n+\t\t\trte_memcpy(p_state_buf, auth_key, auth_keylen);\n \n-\t\trte_memcpy(in, qat_aes_xcbc_key_seed,\n-\t\t\t\tICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ);\n-\t\tfor (x = 0; x < HASH_XCBC_PRECOMP_KEY_NUM; x++) {\n \t\t\tif (AES_set_encrypt_key(auth_key, auth_keylen << 3,\n \t\t\t\t&enc_key) != 0) {\n-\t\t\t\trte_free(in -\n-\t\t\t\t\t(x * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ));\n-\t\t\t\tmemset(out -\n-\t\t\t\t\t(x * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ),\n-\t\t\t\t\t0, ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ);\n+\t\t\t\trte_free(in);\n \t\t\t\treturn -EFAULT;\n \t\t\t}\n-\t\t\tAES_encrypt(in, out, &enc_key);\n-\t\t\tin += ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ;\n-\t\t\tout += ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ;\n+\n+\t\t\tAES_encrypt(in, k0, &enc_key);\n+\n+\t\t\tk1 = p_state_buf + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ;\n+\t\t\tk2 = k1 + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ;\n+\n+\t\t\taes_cmac_key_derive(k0, k1);\n+\t\t\taes_cmac_key_derive(k1, k2);\n+\n+\t\t\tmemset(k0, 0, ICP_QAT_HW_AES_128_KEY_SZ);\n+\t\t\t*p_state_len = ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ;\n+\t\t\trte_free(in);\n+\t\t\treturn 0;\n+\t\t} else {\n+\t\t\tstatic uint8_t qat_aes_xcbc_key_seed[\n+\t\t\t\t\tICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ] = {\n+\t\t\t\t0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,\n+\t\t\t\t0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,\n+\t\t\t\t0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,\n+\t\t\t\t0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,\n+\t\t\t\t0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,\n+\t\t\t\t0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,\n+\t\t\t};\n+\n+\t\t\tuint8_t *in = NULL;\n+\t\t\tuint8_t *out = p_state_buf;\n+\t\t\tint x;\n+\t\t\tAES_KEY enc_key;\n+\n+\t\t\tin = rte_zmalloc(\"working mem for key\",\n+\t\t\t\t\tICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ, 16);\n+\t\t\tif (in == NULL) {\n+\t\t\t\tQAT_LOG(ERR, \"Failed to alloc memory\");\n+\t\t\t\treturn -ENOMEM;\n+\t\t\t}\n+\n+\t\t\trte_memcpy(in, qat_aes_xcbc_key_seed,\n+\t\t\t\t\tICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ);\n+\t\t\tfor (x = 0; x < HASH_XCBC_PRECOMP_KEY_NUM; x++) {\n+\t\t\t\tif (AES_set_encrypt_key(auth_key,\n+\t\t\t\t\t\t\tauth_keylen << 3,\n+\t\t\t\t\t\t\t&enc_key) != 0) {\n+\t\t\t\t\trte_free(in -\n+\t\t\t\t\t (x * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ));\n+\t\t\t\t\tmemset(out -\n+\t\t\t\t\t (x * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ),\n+\t\t\t\t\t 0, ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ);\n+\t\t\t\t\treturn -EFAULT;\n+\t\t\t\t}\n+\t\t\t\tAES_encrypt(in, out, &enc_key);\n+\t\t\t\tin += ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ;\n+\t\t\t\tout += ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ;\n+\t\t\t}\n+\t\t\t*p_state_len = ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ;\n+\t\t\trte_free(in - x*ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ);\n+\t\t\treturn 0;\n \t\t}\n-\t\t*p_state_len = ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ;\n-\t\trte_free(in - x*ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ);\n-\t\treturn 0;\n+\n \t} else if ((hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_128) ||\n \t\t(hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) {\n \t\tuint8_t *in = NULL;\n@@ -1417,7 +1486,9 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,\n \n \tif (cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2\n \t\t|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_KASUMI_F9\n-\t\t|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3)\n+\t\t|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3\n+\t\t|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC\n+\t\t\t)\n \t\thash->auth_counter.counter = 0;\n \telse\n \t\thash->auth_counter.counter = rte_bswap32(\n@@ -1430,40 +1501,45 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,\n \t */\n \tswitch (cdesc->qat_hash_alg) {\n \tcase ICP_QAT_HW_AUTH_ALGO_SHA1:\n-\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1,\n-\t\t\tauthkey, authkeylen, cdesc->cd_cur_ptr,\t&state1_size)) {\n+\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1, authkey,\n+\t\t\tauthkeylen, cdesc->cd_cur_ptr, &state1_size,\n+\t\t\tcdesc->aes_cmac)) {\n \t\t\tQAT_LOG(ERR, \"(SHA)precompute failed\");\n \t\t\treturn -EFAULT;\n \t\t}\n \t\tstate2_size = RTE_ALIGN_CEIL(ICP_QAT_HW_SHA1_STATE2_SZ, 8);\n \t\tbreak;\n \tcase ICP_QAT_HW_AUTH_ALGO_SHA224:\n-\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224,\n-\t\t\tauthkey, authkeylen, cdesc->cd_cur_ptr, &state1_size)) {\n+\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224, authkey,\n+\t\t\tauthkeylen, cdesc->cd_cur_ptr, &state1_size,\n+\t\t\tcdesc->aes_cmac)) {\n \t\t\tQAT_LOG(ERR, \"(SHA)precompute failed\");\n \t\t\treturn -EFAULT;\n \t\t}\n \t\tstate2_size = ICP_QAT_HW_SHA224_STATE2_SZ;\n \t\tbreak;\n \tcase ICP_QAT_HW_AUTH_ALGO_SHA256:\n-\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256,\n-\t\t\tauthkey, authkeylen, cdesc->cd_cur_ptr,\t&state1_size)) {\n+\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256, authkey,\n+\t\t\tauthkeylen, cdesc->cd_cur_ptr,\t&state1_size,\n+\t\t\tcdesc->aes_cmac)) {\n \t\t\tQAT_LOG(ERR, \"(SHA)precompute failed\");\n \t\t\treturn -EFAULT;\n \t\t}\n \t\tstate2_size = ICP_QAT_HW_SHA256_STATE2_SZ;\n \t\tbreak;\n \tcase ICP_QAT_HW_AUTH_ALGO_SHA384:\n-\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384,\n-\t\t\tauthkey, authkeylen, cdesc->cd_cur_ptr, &state1_size)) {\n+\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384, authkey,\n+\t\t\tauthkeylen, cdesc->cd_cur_ptr, &state1_size,\n+\t\t\tcdesc->aes_cmac)) {\n \t\t\tQAT_LOG(ERR, \"(SHA)precompute failed\");\n \t\t\treturn -EFAULT;\n \t\t}\n \t\tstate2_size = ICP_QAT_HW_SHA384_STATE2_SZ;\n \t\tbreak;\n \tcase ICP_QAT_HW_AUTH_ALGO_SHA512:\n-\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512,\n-\t\t\tauthkey, authkeylen, cdesc->cd_cur_ptr,\t&state1_size)) {\n+\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512, authkey,\n+\t\t\tauthkeylen, cdesc->cd_cur_ptr,\t&state1_size,\n+\t\t\tcdesc->aes_cmac)) {\n \t\t\tQAT_LOG(ERR, \"(SHA)precompute failed\");\n \t\t\treturn -EFAULT;\n \t\t}\n@@ -1471,10 +1547,16 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,\n \t\tbreak;\n \tcase ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC:\n \t\tstate1_size = ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ;\n+\n+\t\tif (cdesc->aes_cmac)\n+\t\t\tmemset(cdesc->cd_cur_ptr, 0, state1_size);\n \t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC,\n \t\t\tauthkey, authkeylen, cdesc->cd_cur_ptr + state1_size,\n-\t\t\t&state2_size)) {\n-\t\t\tQAT_LOG(ERR, \"(XCBC)precompute failed\");\n+\t\t\t&state2_size, cdesc->aes_cmac)) {\n+\t\t\tcdesc->aes_cmac ? QAT_LOG(ERR,\n+\t\t\t\t\t\t \"(CMAC)precompute failed\")\n+\t\t\t\t\t: QAT_LOG(ERR,\n+\t\t\t\t\t\t \"(XCBC)precompute failed\");\n \t\t\treturn -EFAULT;\n \t\t}\n \t\tbreak;\n@@ -1482,9 +1564,9 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,\n \tcase ICP_QAT_HW_AUTH_ALGO_GALOIS_64:\n \t\tqat_proto_flag = QAT_CRYPTO_PROTO_FLAG_GCM;\n \t\tstate1_size = ICP_QAT_HW_GALOIS_128_STATE1_SZ;\n-\t\tif (qat_sym_do_precomputes(cdesc->qat_hash_alg,\n-\t\t\tauthkey, authkeylen, cdesc->cd_cur_ptr + state1_size,\n-\t\t\t&state2_size)) {\n+\t\tif (qat_sym_do_precomputes(cdesc->qat_hash_alg, authkey,\n+\t\t\tauthkeylen, cdesc->cd_cur_ptr + state1_size,\n+\t\t\t&state2_size, cdesc->aes_cmac)) {\n \t\t\tQAT_LOG(ERR, \"(GCM)precompute failed\");\n \t\t\treturn -EFAULT;\n \t\t}\n@@ -1542,9 +1624,9 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,\n \n \t\tbreak;\n \tcase ICP_QAT_HW_AUTH_ALGO_MD5:\n-\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_MD5,\n-\t\t\tauthkey, authkeylen, cdesc->cd_cur_ptr,\n-\t\t\t&state1_size)) {\n+\t\tif (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_MD5, authkey,\n+\t\t\tauthkeylen, cdesc->cd_cur_ptr, &state1_size,\n+\t\t\tcdesc->aes_cmac)) {\n \t\t\tQAT_LOG(ERR, \"(MD5)precompute failed\");\n \t\t\treturn -EFAULT;\n \t\t}\ndiff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h\nindex e8f51e5..43e25ce 100644\n--- a/drivers/crypto/qat/qat_sym_session.h\n+++ b/drivers/crypto/qat/qat_sym_session.h\n@@ -36,6 +36,8 @@\n \t\t\t\t\tICP_QAT_HW_CIPHER_KEY_CONVERT, \\\n \t\t\t\t\tICP_QAT_HW_CIPHER_DECRYPT)\n \n+#define QAT_AES_CMAC_CONST_RB 0x87\n+\n enum qat_sym_proto_flag {\n \tQAT_CRYPTO_PROTO_FLAG_NONE = 0,\n \tQAT_CRYPTO_PROTO_FLAG_CCM = 1,\n@@ -75,6 +77,7 @@ struct qat_sym_session {\n \tuint16_t digest_length;\n \trte_spinlock_t lock;\t/* protects this struct */\n \tenum qat_device_gen min_qat_dev_gen;\n+\tuint8_t aes_cmac;\n };\n \n int\n", "prefixes": [ "v2", "1/3" ] }{ "id": 46062, "url": "