crypto/openssl: support AES-CMAC operations

Extend openssl crypto PMD to support AES CMAC operations.

Signed-off-by: Ashwin Sekhar T K <asekhar@marvell.com>
Acked-by: Kai Ji <kai.ji@intel.com>

bus/vdev: make driver-only headers private

The vdev bus interface is for drivers only.
Mark as internal and move the header in the driver headers list.

While at it, cleanup the code:
- fix indentat

bus/vdev: make driver-only headers private

The vdev bus interface is for drivers only.
Mark as internal and move the header in the driver headers list.

While at it, cleanup the code:
- fix indentation,
- remove unneeded reference to bus specific singleton object,
- remove unneeded list head structure type,
- reorder the definitions and macro manipulating the bus singleton object,
- remove inclusion of rte_bus.h and fix the code that relied on implicit
inclusion,

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Rosen Xu <rosen.xu@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>

show more ...

crypto/openssl: fix 3.0 EVP_PKEY usage in RSA operations

EVP_PKEY function need to be called twice for RSA sign
and verify operations in 3.0 EVP API. Original OpenSSL
1.x routines are untouched. The

crypto/openssl: fix 3.0 EVP_PKEY usage in RSA operations

EVP_PKEY function need to be called twice for RSA sign
and verify operations in 3.0 EVP API. Original OpenSSL
1.x routines are untouched. The OPENSSL_API_COMPAT is
also removed as the driver now supports OpenSSL 3.0 lib
as well when it is detected on the host.

Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP API")

Signed-off-by: Kai Ji <kai.ji@intel.com>

show more ...

crypto/openssl: update DSA routine with 3.0 EVP API

This patch updates asymmetric DSA routine in crypto openssl pmd
to adopt openssl 3.0 EVP apis. Divided the single combined DSA sign
test to two in

crypto/openssl: update DSA routine with 3.0 EVP API

This patch updates asymmetric DSA routine in crypto openssl pmd
to adopt openssl 3.0 EVP apis. Divided the single combined DSA sign
test to two individual DSA sign and DSA verfiy tests.

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

crypto/openssl: update DH routine with 3.0 EVP API

This patch updates asymmetric DH routine in crypto openssl pmd
to adopt openssl 3.0 EVP apis.

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: F

crypto/openssl: update DH routine with 3.0 EVP API

This patch updates asymmetric DH routine in crypto openssl pmd
to adopt openssl 3.0 EVP apis.

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

crypto/openssl: update RSA routine with 3.0 EVP API

This patch updates asymmetric RSA routine in crypto openssl pmd
to adopt openssl 3.0 EVP apis.

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by:

crypto/openssl: update RSA routine with 3.0 EVP API

This patch updates asymmetric RSA routine in crypto openssl pmd
to adopt openssl 3.0 EVP apis.

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

crypto/openssl: update HMAC routine with 3.0 EVP API

This patch update the symmetric HMAC routine in crypto openssl
pmd to adopt openssl 3.0 EVP apis.

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked

crypto/openssl: update HMAC routine with 3.0 EVP API

This patch update the symmetric HMAC routine in crypto openssl
pmd to adopt openssl 3.0 EVP apis.

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: move RSA padding into separate struct

- move RSA padding into separate struct.
More padding members should be added into padding,
therefore having separate struct for padding parameters w

cryptodev: move RSA padding into separate struct

- move RSA padding into separate struct.
More padding members should be added into padding,
therefore having separate struct for padding parameters will
make this more readable.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: move DH type from xform to DH op

- Moved DH operation type to DH operation struct.
Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
be free to choose for any operation. One xf

cryptodev: move DH type from xform to DH op

- Moved DH operation type to DH operation struct.
Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
be free to choose for any operation. One xform/session should
be enough to perform both DH operations, if op_type would be xform
member, session would have to be created twice for the same
group. Similar problem would be observed in sessionless case.
Additionally, it will help extend DH to support Elliptic Curves.
- Changed order of Diffie-Hellman operation phases.
Now it corresponds with the order of operations.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: separate key exchange operation enum

- Separated key exchange enum from asym op type.
Key exchange and asymmetric crypto operations like signatures,
encryption/decryption should not share

cryptodev: separate key exchange operation enum

- Separated key exchange enum from asym op type.
Key exchange and asymmetric crypto operations like signatures,
encryption/decryption should not share same operation enum as
its use cases are unrelated and mutually exclusive.
Therefore op_type was separate into:
1) operation type
2) key exchange operation type

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

drivers/crypto: fix warnings for OpenSSL version

The API of the OpenSSL library has changed with version 3.0. This results
in a lot of compiler warnings like

../dpdk/drivers/crypto/ccp/ccp_cryp

drivers/crypto: fix warnings for OpenSSL version

The API of the OpenSSL library has changed with version 3.0. This results
in a lot of compiler warnings like

../dpdk/drivers/crypto/ccp/ccp_crypto.c:182:9:
warning: ‘SHA256_Transform’ is deprecated:
Since OpenSSL 3.0 [-Wdeprecated-declarations]

As many Linux distributions still use elder OpenSSL libraries we cannot
change the used API now. Instead define OPENSSL_API_COMPAT to indicate
that we are using the OpenSSL 1.1.0 API.

OPENSSL_API_COMPAT is introduced in *.c files and not in *.h files as some
*.c files directly include OpenSSL headers.

Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Daxue Gao <daxuex.gao@intel.com>
Tested-by: David Marchand <david.marchand@redhat.com>
Acked-by: Kai Ji <kai.ji@intel.com>

show more ...

cryptodev: use single mempool for asymmetric session

Rather than using a session buffer that contains pointers to private
session data elsewhere, have a single session buffer.
This session is create

cryptodev: use single mempool for asymmetric session

Rather than using a session buffer that contains pointers to private
session data elsewhere, have a single session buffer.
This session is created for a driver ID, and the mempool element
contains space for the max session private data needed for any driver.

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

drivers/crypto: invoke probing finish function

Invoke event_dev_probing_finish() function at the end of probing,
this function sets the function pointers in the fp_ops flat array
in case of secondar

drivers/crypto: invoke probing finish function

Invoke event_dev_probing_finish() function at the end of probing,
this function sets the function pointers in the fp_ops flat array
in case of secondary process.
For primary process, fp_ops is updated in rte_cryptodev_start().

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Matan Azrad <matan@nvidia.com>

show more ...

cryptodev: expose driver interface as internal

The rte_cryptodev_pmd.* files are for drivers only and should be
private to DPDK, and not installed for app use.

Signed-off-by: Akhil Goyal <gakhil@ma

cryptodev: expose driver interface as internal

The rte_cryptodev_pmd.* files are for drivers only and should be
private to DPDK, and not installed for app use.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>

show more ...

crypto/openssl: fix CCM processing 0 length source

When given a source length 0 for CCM, the encryption and decryption
functions did not call the EVP_ENCRYPTUPDATE/EVP_DECRYPTUPDATE functions
with a

crypto/openssl: fix CCM processing 0 length source

When given a source length 0 for CCM, the encryption and decryption
functions did not call the EVP_ENCRYPTUPDATE/EVP_DECRYPTUPDATE functions
with a src and dst, causing some FIPS validation failures for testcases
with PLen=0:

process_openssl_auth_encryption_ccm() line 1131:
Process openssl auth encryption ccm failed

Fixes: 1a4998dc4d94 ("crypto/openssl: support AES-CCM")
Cc: stable@dpdk.org

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

show more ...

log: register with standardized names

Let's try to enforce the convention where most drivers use a pmd. logtype
with their class reflected in it, and libraries use a lib. logtype.

Introduce two new

log: register with standardized names

Let's try to enforce the convention where most drivers use a pmd. logtype
with their class reflected in it, and libraries use a lib. logtype.

Introduce two new macros:
- RTE_LOG_REGISTER_DEFAULT can be used when a single logtype is
used in a component. It is associated to the default name provided
by the build system,
- RTE_LOG_REGISTER_SUFFIX can be used when multiple logtypes are used,
and then the passed name is appended to the default name,

RTE_LOG_REGISTER is left untouched for existing external users
and for components that do not comply with the convention.

There is a new Meson variable log_prefix to adapt the default name
for baseband (pmd.bb.), bus (no pmd.) and mempool (no pmd.) classes.

Note: achieved with below commands + reverted change on net/bonding +
edits on crypto/virtio, compress/mlx5, regex/mlx5

$ git grep -l RTE_LOG_REGISTER drivers/ |
while read file; do
pattern=${file##drivers/};
class=${pattern%%/*};
pattern=${pattern#$class/};
drv=${pattern%%/*};
case "$class" in
baseband) pattern=pmd.bb.$drv;;
bus) pattern=bus.$drv;;
mempool) pattern=mempool.$drv;;
*) pattern=pmd.$class.$drv;;
esac
sed -i -e 's/RTE_LOG_REGISTER(\(.*\), '$pattern',/RTE_LOG_REGISTER_DEFAULT(\1,/' $file;
sed -i -e 's/RTE_LOG_REGISTER(\(.*\), '$pattern'\.\(.*\),/RTE_LOG_REGISTER_SUFFIX(\1, \2,/' $file;
done

$ git grep -l RTE_LOG_REGISTER lib/ |
while read file; do
pattern=${file##lib/};
pattern=lib.${pattern%%/*};
sed -i -e 's/RTE_LOG_REGISTER(\(.*\), '$pattern',/RTE_LOG_REGISTER_DEFAULT(\1,/' $file;
sed -i -e 's/RTE_LOG_REGISTER(\(.*\), '$pattern'\.\(.*\),/RTE_LOG_REGISTER_SUFFIX(\1, \2,/' $file;
done

Signed-off-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>

show more ...

log: introduce logtype register macro

Introduce the RTE_LOG_REGISTER macro to avoid the code duplication
in the logtype registration process.

It is a wrapper macro for declaring the logtype, regist

log: introduce logtype register macro

Introduce the RTE_LOG_REGISTER macro to avoid the code duplication
in the logtype registration process.

It is a wrapper macro for declaring the logtype, registering it and
setting its level in the constructor context.

Signed-off-by: Jerin Jacob <jerinj@marvell.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Sachin Saxena <sachin.saxena@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

cryptodev: add session-less feature flag

Add feature flag for symmetric sessionless support,
so it can be checked by applications.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acke

cryptodev: add session-less feature flag

Add feature flag for symmetric sessionless support,
so it can be checked by applications.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Tested-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

crypto/openssl: fix out-of-place encryption

When authenticating after encrypting, if the operation
is out-of-place, the destination buffer is the one
that will get authenticated.
If the cipher offse

crypto/openssl: fix out-of-place encryption

When authenticating after encrypting, if the operation
is out-of-place, the destination buffer is the one
that will get authenticated.
If the cipher offset is higher than the authentication
offset, it means that part of the text to authenticate
will be plaintext, so this needs to get copied to the
destination buffer, or the result will be incorrect.

Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

drivers: fix log type variables for -fno-common

The zlib compression driver, as well as the aesni-gcm, aesni-mb and openssl
crypto drivers all defined the logtype variable in the header file
directl

drivers: fix log type variables for -fno-common

The zlib compression driver, as well as the aesni-gcm, aesni-mb and openssl
crypto drivers all defined the logtype variable in the header file
directly. This gives errors with gcc 10, due to -fno-common being the
default, so we need to apply the same fix in all cases:
* move the variable definition to a suitable .c file
* mark the forward declaration of the variable in the header as "extern"

Fixes: 0c4e4c16b004 ("compress/zlib: introduce zlib PMD")
Fixes: 90c8a2d02a31 ("crypto/aesni_gcm: add dynamic logging")
Fixes: 276624ae2ef6 ("crypto/aesni_mb: add dynamic logging")
Fixes: 094b2386f461 ("crypto/openssl: add dynamic logging")
Cc: stable@dpdk.org

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>

show more ...

drivers/crypto: fix session-less mode

When OpenSSL or AESNI-MB cryptodev is being used in sessionless mode
for symmetric crypto operation (e.g. SHA256 hash), the driver prints
error message:

CR

drivers/crypto: fix session-less mode

When OpenSSL or AESNI-MB cryptodev is being used in sessionless mode
for symmetric crypto operation (e.g. SHA256 hash), the driver prints
error message:

CRYPTODEV: set_sym_session_private_data() line 489:
Set private data for driver 0 not allowed

Then, AESNI-MB driver segfaults in post_process_mb_job().

Bugzilla ID: 377
Fixes: b3bbd9e5f2 ("cryptodev: support device independent sessions")
Fixes: c68d7aa354 ("crypto/aesni_mb: use architecture independent macros")
Cc: stable@dpdk.org

Signed-off-by: Junxiao Shi <git@mail1.yoursunny.com>

show more ...

crypto/openssl: support in-place scatter gather

As per current support, Scatter Gather is only supported
for out of place input and output buffers.
This patch add support for Scatter Gather for in-p

crypto/openssl: support in-place scatter gather

As per current support, Scatter Gather is only supported
for out of place input and output buffers.
This patch add support for Scatter Gather for in-place buffers.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>

show more ...

crypto/openssl: use local copy for session contexts

Session contexts are used for temporary storage when processing a
packet.
If packets for the same session are to be processed simultaneously on
mu

crypto/openssl: use local copy for session contexts

Session contexts are used for temporary storage when processing a
packet.
If packets for the same session are to be processed simultaneously on
multiple cores, separate contexts must be used.

Note: with openssl 1.1.1 EVP_CIPHER_CTX can no longer be defined as a
variable on the stack: it must be allocated. This in turn reduces the
performance.

Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org

Signed-off-by: Thierry Herbelot <thierry.herbelot@6wind.com>

show more ...

rename private header files

Some of the internal header files have 'rte_' prefix
and some don't.
Remove 'rte_' prefix from all internal header files.

Suggested-by: Thomas Monjalon <thomas@monjalon.

rename private header files

Some of the internal header files have 'rte_' prefix
and some don't.
Remove 'rte_' prefix from all internal header files.

Suggested-by: Thomas Monjalon <thomas@monjalon.net>
Signed-off-by: Dharmik Thakkar <dharmik.thakkar@arm.com>
Reviewed-by: Phil Yang <phil.yang@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>

show more ...

drivers/crypto: remove some invalid comments

A comment valid in AESNI PMD was copied and pasted in other code

Fixes: 8a61c83af2fa ("crypto/mrvl: add mrvl crypto driver")
Fixes: 169ca3db550c ("crypt

drivers/crypto: remove some invalid comments

A comment valid in AESNI PMD was copied and pasted in other code

Fixes: 8a61c83af2fa ("crypto/mrvl: add mrvl crypto driver")
Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org

Signed-off-by: Thierry Herbelot <thierry.herbelot@6wind.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...