From patchwork Mon Jun 1 18:02:28 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 70725 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 05102A04EF; Mon, 1 Jun 2020 20:02:43 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 2C15A1BFA7; Mon, 1 Jun 2020 20:02:43 +0200 (CEST) Received: from inva020.nxp.com (inva020.nxp.com [92.121.34.13]) by dpdk.org (Postfix) with ESMTP id 9D0AF1BF70 for ; Mon, 1 Jun 2020 20:02:42 +0200 (CEST) Received: from inva020.nxp.com (localhost [127.0.0.1]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 25DA31A088B; Mon, 1 Jun 2020 20:02:42 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva020.eu-rdc02.nxp.com (Postfix) with ESMTP id 573671A0899; Mon, 1 Jun 2020 20:02:40 +0200 (CEST) Received: from lsv03273.swis.in-blr01.nxp.com (lsv03273.swis.in-blr01.nxp.com [92.120.147.113]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 0F08440280; Tue, 2 Jun 2020 02:02:38 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: hemant.agrawal@nxp.com, Akhil Goyal Date: Mon, 1 Jun 2020 23:32:28 +0530 Message-Id: <20200601180229.26566-1-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH 1/2] drivers/crypto: fix 18bit PDCP cases with HFN override X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" In case of RTA_SEC_ERA = 8, where the length of shared desc is large for some of PDCP cases, the descriptor buffer cannot hold 2 extra words when HFN override is enabled. As a result, the descriptor fails. This patch converts one of the keys from immediate key to reference key hence reducing the length of the descriptor. Signed-off-by: Akhil Goyal --- drivers/common/dpaax/caamflib/desc/pdcp.h | 44 +++++++++++++++++++++ drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 8 ++++ drivers/crypto/dpaa_sec/dpaa_sec.c | 33 +++------------- 3 files changed, 58 insertions(+), 27 deletions(-) diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h index b5e2d24e4..99eb0f71a 100644 --- a/drivers/common/dpaax/caamflib/desc/pdcp.h +++ b/drivers/common/dpaax/caamflib/desc/pdcp.h @@ -262,6 +262,50 @@ enum pdb_type_e { PDCP_PDB_TYPE_INVALID }; +/** + * rta_inline_pdcp_query() - Provide indications if a key can be passed as + * immediate data or shall be referenced in a + * shared descriptor. + * Return: 0 if data can be inlined or 1 if referenced. + */ +static inline int +rta_inline_pdcp_query(enum auth_type_pdcp auth_alg, + enum cipher_type_pdcp cipher_alg, + enum pdcp_sn_size sn_size, + int8_t hfn_ovd) +{ + /** + * Shared Descriptors for some of the cases does not fit in the + * MAX_DESC_SIZE of the descriptor especially when non-protocol + * descriptors are formed as in 18bit cases and when HFN override + * is enabled as 2 extra words are added in the job descriptor. + * The cases which exceed are for RTA_SEC_ERA=8 and HFN override + * enabled and 18bit uplane and either of following Algo combinations. + * - SNOW-AES + * - AES-SNOW + * - SNOW-SNOW + * - ZUC-SNOW + * + * We cannot make inline for all cases, as this will impact performance + * due to extra memory accesses for the keys. + */ + if ((rta_sec_era == RTA_SEC_ERA_8) && hfn_ovd && + (sn_size == PDCP_SN_SIZE_18) && + ((cipher_alg == PDCP_CIPHER_TYPE_SNOW && + auth_alg == PDCP_AUTH_TYPE_AES) || + (cipher_alg == PDCP_CIPHER_TYPE_AES && + auth_alg == PDCP_AUTH_TYPE_SNOW) || + (cipher_alg == PDCP_CIPHER_TYPE_SNOW && + auth_alg == PDCP_AUTH_TYPE_SNOW) || + (cipher_alg == PDCP_CIPHER_TYPE_ZUC && + auth_alg == PDCP_AUTH_TYPE_SNOW))) { + + return 1; + } + + return 0; +} + /* * Function for appending the portion of a PDCP Control Plane shared descriptor * which performs NULL encryption and integrity (i.e. copies the input frame diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index 63e7d930a..f59ea52be 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -3156,6 +3156,14 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev, goto out; } + if (rta_inline_pdcp_query(authdata.algtype, + cipherdata.algtype, + session->pdcp.sn_size, + session->pdcp.hfn_ovd)) { + cipherdata.key = DPAA2_VADDR_TO_IOVA(cipherdata.key); + cipherdata.key_type = RTA_DATA_PTR; + } + if (pdcp_xform->domain == RTE_SECURITY_PDCP_MODE_CONTROL) { if (session->dir == DIR_ENC) bufsize = cnstr_shdsc_pdcp_c_plane_encap( diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c index 66ee0ba0c..2b715632d 100644 --- a/drivers/crypto/dpaa_sec/dpaa_sec.c +++ b/drivers/crypto/dpaa_sec/dpaa_sec.c @@ -242,7 +242,6 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) struct sec_cdb *cdb = &ses->cdb; struct alginfo *p_authdata = NULL; int32_t shared_desc_len = 0; - int err; #if RTE_BYTE_ORDER == RTE_BIG_ENDIAN int swap = false; #else @@ -256,10 +255,6 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) cipherdata.algtype = ses->cipher_key.alg; cipherdata.algmode = ses->cipher_key.algmode; - cdb->sh_desc[0] = cipherdata.keylen; - cdb->sh_desc[1] = 0; - cdb->sh_desc[2] = 0; - if (ses->auth_alg) { authdata.key = (size_t)ses->auth_key.data; authdata.keylen = ses->auth_key.length; @@ -269,33 +264,17 @@ dpaa_sec_prep_pdcp_cdb(dpaa_sec_session *ses) authdata.algmode = ses->auth_key.algmode; p_authdata = &authdata; - - cdb->sh_desc[1] = authdata.keylen; } - err = rta_inline_query(IPSEC_AUTH_VAR_AES_DEC_BASE_DESC_LEN, - MIN_JOB_DESC_SIZE, - (unsigned int *)cdb->sh_desc, - &cdb->sh_desc[2], 2); - if (err < 0) { - DPAA_SEC_ERR("Crypto: Incorrect key lengths"); - return err; - } - - if (!(cdb->sh_desc[2] & 1) && cipherdata.keylen) { + if (rta_inline_pdcp_query(authdata.algtype, + cipherdata.algtype, + ses->pdcp.sn_size, + ses->pdcp.hfn_ovd)) { cipherdata.key = - (size_t)rte_dpaa_mem_vtop((void *)(size_t)cipherdata.key); + (size_t)rte_dpaa_mem_vtop((void *) + (size_t)cipherdata.key); cipherdata.key_type = RTA_DATA_PTR; } - if (!(cdb->sh_desc[2] & (1 << 1)) && authdata.keylen) { - authdata.key = - (size_t)rte_dpaa_mem_vtop((void *)(size_t)authdata.key); - authdata.key_type = RTA_DATA_PTR; - } - - cdb->sh_desc[0] = 0; - cdb->sh_desc[1] = 0; - cdb->sh_desc[2] = 0; if (ses->pdcp.domain == RTE_SECURITY_PDCP_MODE_CONTROL) { if (ses->dir == DIR_ENC) From patchwork Mon Jun 1 18:02:29 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Akhil Goyal X-Patchwork-Id: 70726 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id E4CDAA04EF; Mon, 1 Jun 2020 20:03:12 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id C29491BFF5; Mon, 1 Jun 2020 20:03:12 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id 18F491BFE2 for ; Mon, 1 Jun 2020 20:03:11 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 9ABD52007A4; Mon, 1 Jun 2020 20:03:10 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id C211E20058B; Mon, 1 Jun 2020 20:03:08 +0200 (CEST) Received: from lsv03273.swis.in-blr01.nxp.com (lsv03273.swis.in-blr01.nxp.com [92.120.147.113]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id 7BA70402DF; Tue, 2 Jun 2020 02:03:06 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: hemant.agrawal@nxp.com, Akhil Goyal Date: Mon, 1 Jun 2020 23:32:29 +0530 Message-Id: <20200601180229.26566-2-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200601180229.26566-1-akhil.goyal@nxp.com> References: <20200601180229.26566-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH 2/2] test/crypto: enable hfn override in PDCP cases X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" As most of the real woeld use cases need HFN value to be updated on per packet basis, changing the default testing with HFN override enabled for all PDCP cases. Signed-off-by: Akhil Goyal --- app/test-crypto-perf/cperf_ops.c | 10 +++++++--- app/test/test_cryptodev.c | 13 +++++++++++-- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c index 97584ceed..847982219 100644 --- a/app/test-crypto-perf/cperf_ops.c +++ b/app/test-crypto-perf/cperf_ops.c @@ -25,6 +25,10 @@ cperf_set_ops_security(struct rte_crypto_op **ops, struct rte_security_session *sec_sess = (struct rte_security_session *)sess; + uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ops[i], + uint32_t *, iv_offset); + *per_pkt_hfn = 0x1; + ops[i]->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; rte_security_attach_session(ops[i], sec_sess); sym_op->m_src = (struct rte_mbuf *)((uint8_t *)ops[i] + @@ -529,16 +533,15 @@ cperf_create_session(struct rte_mempool *sess_mp, cipher_xform.cipher.algo = options->cipher_algo; cipher_xform.cipher.op = options->cipher_op; cipher_xform.cipher.iv.offset = iv_offset; + cipher_xform.cipher.iv.length = 4; /* cipher different than null */ if (options->cipher_algo != RTE_CRYPTO_CIPHER_NULL) { cipher_xform.cipher.key.data = test_vector->cipher_key.data; cipher_xform.cipher.key.length = test_vector->cipher_key.length; - cipher_xform.cipher.iv.length = test_vector->cipher_iv.length; } else { cipher_xform.cipher.key.data = NULL; cipher_xform.cipher.key.length = 0; - cipher_xform.cipher.iv.length = 0; } /* Setup Auth Parameters */ @@ -576,8 +579,9 @@ cperf_create_session(struct rte_mempool *sess_mp, .domain = options->pdcp_domain, .pkt_dir = 0, .sn_size = options->pdcp_sn_sz, - .hfn = 0x1, + .hfn = 0x0, .hfn_threshold = 0x70C0A, + .hfn_ovrd = 1, } }, .crypto_xform = &cipher_xform }; diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 8f631468b..f4ed89c1c 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -7385,7 +7385,8 @@ test_pdcp_proto_SGL(int i, int oop, ut_params->cipher_xform.cipher.key.data = pdcp_test_crypto_key[i]; ut_params->cipher_xform.cipher.key.length = pdcp_test_params[i].cipher_key_len; - ut_params->cipher_xform.cipher.iv.length = 0; + ut_params->cipher_xform.cipher.iv.length = 4; + ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; /* Setup HMAC Parameters if ICV header is required */ if (pdcp_test_params[i].auth_alg != 0) { @@ -7410,8 +7411,12 @@ test_pdcp_proto_SGL(int i, int oop, .domain = pdcp_test_params[i].domain, .pkt_dir = pdcp_test_packet_direction[i], .sn_size = pdcp_test_data_sn_size[i], - .hfn = pdcp_test_hfn[i], + .hfn = 0, /** + * hfn can be set as pdcp_test_hfn[i] + * if hfn_ovrd is not set + */ .hfn_threshold = pdcp_test_hfn_threshold[i], + .hfn_ovrd = 1, } }, .crypto_xform = &ut_params->cipher_xform }; @@ -7438,6 +7443,10 @@ test_pdcp_proto_SGL(int i, int oop, goto on_err; } + uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ut_params->op, + uint32_t *, IV_OFFSET); + *per_pkt_hfn = pdcp_test_hfn[i]; + rte_security_attach_session(ut_params->op, ut_params->sec_session); /* set crypto operation source mbuf */