examples/l2fwd-crypto: use cryptodev algorithm parser

L2fwd-crypto app was creating an array of strings for the
supported algorithms, which was different from the strings
that are now in cryptodev.

examples/l2fwd-crypto: use cryptodev algorithm parser

L2fwd-crypto app was creating an array of strings for the
supported algorithms, which was different from the strings
that are now in cryptodev.

Use the new API in cryptodev to parse the string from the user,
to get the algorithm enum, instead, so it is not necessary to add
a new supported algorithm in the cryptodev library and this app.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>

show more ...

examples: fix optind reset

The variable optind should be reset to one not zero.

From the man page:
"The variable optind is the index of the next element to be processed in
argv. The system initial

examples: fix optind reset

The variable optind should be reset to one not zero.

From the man page:
"The variable optind is the index of the next element to be processed in
argv. The system initializes this value to 1.
The caller can reset it to 1 to restart scanning of the same argv, or when
scanning a new argument vector.”

The problem I saw with my application was trying to parse the wrong
option, which can happen as DPDK parses the first part of the command line
and the application parses the second part. If you call getopt() multiple
times in the same execution, the behavior is not maintained when using
zero for optind.

Signed-off-by: Keith Wiles <keith.wiles@intel.com>

show more ...

examples/l2fwd-crypto: fix padding

L2fwd-crypto app was padding an incoming buffer,
to be aligned with the algorithm block size, in all cases.
This was not the right approach, as padding is only nec

examples/l2fwd-crypto: fix padding

L2fwd-crypto app was padding an incoming buffer,
to be aligned with the algorithm block size, in all cases.
This was not the right approach, as padding is only necessary
when using block cipher algorithms, such as AES-CBC.
In case of using a stream cipher algorithm, such as SNOW3G UEA2,
there is no need to include padding and increase the buffer size.

Fixes: 387259bd6c67 ("examples/l2fwd-crypto: add sample application")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

show more ...

examples/l2fwd-crypto: fix overflow

This commit fixes an array overflow when number of crypto devices
is higher than 32.

Fixes: 387259bd6c67 ("examples/l2fwd-crypto: add sample application")

Signe

examples/l2fwd-crypto: fix overflow

This commit fixes an array overflow when number of crypto devices
is higher than 32.

Fixes: 387259bd6c67 ("examples/l2fwd-crypto: add sample application")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

show more ...

examples/l2fwd-crypto: fix verify with decrypt in chain

This patch fixes crypto operation data parameters setting
in l2fwd-crypto application, making decryption in chain
with auth verification work.

examples/l2fwd-crypto: fix verify with decrypt in chain

This patch fixes crypto operation data parameters setting
in l2fwd-crypto application, making decryption in chain
with auth verification work.

How to reproduce the issue:

1. Run l2fwd_crypto with command:
-c 0x3 -n 4 --vdev "crypto_aesni_mb" \
--vdev "crypto_aesni_mb" \
-- -p 0x3 --chain CIPHER_HASH \
--cipher_op ENCRYPT --cipher_algo AES_CBC \
--cipher_key 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f \
--iv 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:ff \
--auth_op GENERATE --auth_algo SHA1_HMAC \
--auth_key
11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:
11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:
11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11

2. Send packet with payload and capture forwarded packet.
Payload in forwarded packet is encrypted, what is good.

3. Run l2fwd_crypto with command:
-c 0x3 -n 4 --vdev "crypto_aesni_mb" \
--vdev "crypto_aesni_mb" \
-- -p 0x3 --chain HASH_CIPHER \
--cipher_op DECRYPT --cipher_algo AES_CBC \
--cipher_key 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f \
--iv 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:ff \
--auth_op VERIFY --auth_algo SHA1_HMAC \
--auth_key
11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:
11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:
11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11

4. Send earlier captured packet and capture forwarded packet.
Payload in newly captured packet is not decrypted, what is wrong.

Fixes: 387259bd6c67 ("examples/l2fwd-crypto: add sample application")

Signed-off-by: Piotr Azarewicz <piotrx.t.azarewicz@intel.com>
Acked-by: Michal Jastrzebski <michalx.k.jastrzebski@intel.com>

show more ...

examples/l2fwd-crypto: update for libcrypto

Libcrypto PMD has support for:

Supported cipher algorithms:
RTE_CRYPTO_CIPHER_3DES_CBC
RTE_CRYPTO_CIPHER_AES_CBC
RTE_CRYPTO_CIPHER_AES_CTR
RTE_CRYPTO_CIP

examples/l2fwd-crypto: update for libcrypto

Libcrypto PMD has support for:

Supported cipher algorithms:
RTE_CRYPTO_CIPHER_3DES_CBC
RTE_CRYPTO_CIPHER_AES_CBC
RTE_CRYPTO_CIPHER_AES_CTR
RTE_CRYPTO_CIPHER_3DES_CTR
RTE_CRYPTO_CIPHER_AES_GCM

Supported authentication algorithms:
RTE_CRYPTO_AUTH_AES_GMAC
RTE_CRYPTO_AUTH_MD5
RTE_CRYPTO_AUTH_SHA1
RTE_CRYPTO_AUTH_SHA224
RTE_CRYPTO_AUTH_SHA256
RTE_CRYPTO_AUTH_SHA384
RTE_CRYPTO_AUTH_SHA512
RTE_CRYPTO_AUTH_MD5_HMAC
RTE_CRYPTO_AUTH_SHA1_HMAC
RTE_CRYPTO_AUTH_SHA224_HMAC
RTE_CRYPTO_AUTH_SHA256_HMAC
RTE_CRYPTO_AUTH_SHA384_HMAC
RTE_CRYPTO_AUTH_SHA512_HMAC

Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

examples/l2fwd-crypto: enable ZUC EEA3 and EIA3

This patch enables ZUC EEA3 cipher algorithm and
ZUC EIA3 authentication algorithm support to
l2fwd-crypto sample application.

Signed-off-by: Pablo d

examples/l2fwd-crypto: enable ZUC EEA3 and EIA3

This patch enables ZUC EEA3 cipher algorithm and
ZUC EIA3 authentication algorithm support to
l2fwd-crypto sample application.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>

show more ...

crypto: rename some SNOW 3G references

SNOW 3G algorithm has all uppercase letters in its name
and a space between SNOW and 3G, but some references of it
had some lowercase letters or no space.

Sig

crypto: rename some SNOW 3G references

SNOW 3G algorithm has all uppercase letters in its name
and a space between SNOW and 3G, but some references of it
had some lowercase letters or no space.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>

show more ...

remove unused ring includes

This patch removes all unused <rte_ring.h> headers.

Signed-off-by: Amine Kherbouche <amine.kherbouche@6wind.com>

examples/l2fwd-crypto: call start function

The usual device sequence is configure, queue setup and start.
Crypto device should be started before use.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com

examples/l2fwd-crypto: call start function

The usual device sequence is configure, queue setup and start.
Crypto device should be started before use.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Thomas Monjalon <thomas.monjalon@6wind.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

examples/l2fwd-crypto: improve random key generator

This patch improve generate_random_key() function by replacing rand()
function with reading from /dev/urandom.

CID 120136 : Calling risky functio

examples/l2fwd-crypto: improve random key generator

This patch improve generate_random_key() function by replacing rand()
function with reading from /dev/urandom.

CID 120136 : Calling risky function (DC.WEAK_CRYPTO)
dont_call: rand should not be used for security related applications, as
linear congruential algorithms are too easy to break

Coverity issue: 120136

Signed-off-by: Piotr Azarewicz <piotrx.t.azarewicz@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...

examples/l2fwd-crypto: fix stats array length

crypto_statistics array was not big enough for storing
all the possible crypto device statistics, as its size was
RTE_MAX_ETHPORTS, but should be RTE_CR

examples/l2fwd-crypto: fix stats array length

crypto_statistics array was not big enough for storing
all the possible crypto device statistics, as its size was
RTE_MAX_ETHPORTS, but should be RTE_CRYPTO_MAX_DEVS, leading
this to a potential out-of-bounds issue.

Coverity issue: 120145
Fixes: 387259bd6c67 ("examples/l2fwd-crypto: add sample application")

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...

examples/l2fwd-crypto: flush buffers

Crypto operations are enqueued in the crypto devices
when the crypto device buffers are full (MAX_PKT_BURST),
in order to be more efficient.

The problem is that

examples/l2fwd-crypto: flush buffers

Crypto operations are enqueued in the crypto devices
when the crypto device buffers are full (MAX_PKT_BURST),
in order to be more efficient.

The problem is that operations might be stuck in those buffers,
if they never get full, and therefore, those operations
will never be performed.

Therefore, it is necessary to have a buffer flush mechanism,
similar to the one used for flush the TX buffers, so eventually,
all packets received are ciphered and sent out.

Fixes: 387259bd6c67 ("examples/l2fwd-crypto: add sample application")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

crypto/kasumi: add driver for KASUMI library

Added new SW PMD which makes use of the libsso_kasumi SW library,
which provides wireless algorithms KASUMI F8 and F9
in software.

This PMD supports cip

crypto/kasumi: add driver for KASUMI library

Added new SW PMD which makes use of the libsso_kasumi SW library,
which provides wireless algorithms KASUMI F8 and F9
in software.

This PMD supports cipher-only, hash-only and chained operations
("cipher then hash" and "hash then cipher") of the following
algorithms:
- RTE_CRYPTO_SYM_CIPHER_KASUMI_F8
- RTE_CRYPTO_SYM_AUTH_KASUMI_F9

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>

show more ...

examples/l2fwd-crypto: fix supported key size check

When initializing crypto devices within the app,
the provided key sizes are checked against the supported
sizes from the crypto device capabilitie

examples/l2fwd-crypto: fix supported key size check

When initializing crypto devices within the app,
the provided key sizes are checked against the supported
sizes from the crypto device capabilities.

When the supported sizes are not a range, but a single value,
the check may become an infinite loop (when size is not supported).

Fixes: a061e50a0d97 ("examples/l2fwd-crypto: fix ambiguous input key size")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Tested-by: Min Cao <min.cao@intel.com>

show more ...

examples/l2fwd-crypto: enable AES-XCBC-MAC authentication algo

This patch enables AES-XCBC-MAC authentication algorithm support to
l2fwd-crypto sample application.

Signed-off-by: Fan Zhang <roy.fan

examples/l2fwd-crypto: enable AES-XCBC-MAC authentication algo

This patch enables AES-XCBC-MAC authentication algorithm support to
l2fwd-crypto sample application.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>

show more ...

examples/l2fwd-crypto: enable AES-CTR cipher algorithm

This patch enables AES counter mode algorithm support to l2fwd-crypto
sample application.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
A

examples/l2fwd-crypto: enable AES-CTR cipher algorithm

This patch enables AES counter mode algorithm support to l2fwd-crypto
sample application.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

examples: remove useless check of port count

The rte_eth_dev_count() function will never return a value greater
than RTE_MAX_ETHPORTS, so that checking is useless.

Signed-off-by: Mauricio Vasquez B

examples: remove useless check of port count

The rte_eth_dev_count() function will never return a value greater
than RTE_MAX_ETHPORTS, so that checking is useless.

Signed-off-by: Mauricio Vasquez B <mauricio.vasquezbernal@studenti.polito.it>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>

show more ...

examples/l2fwd-crypto: fix string overflow

When parsing crypto device type, the string was being copied
with strcpy(), which could overflow the destination buffer
(which is 32 byte long), so snprint

examples/l2fwd-crypto: fix string overflow

When parsing crypto device type, the string was being copied
with strcpy(), which could overflow the destination buffer
(which is 32 byte long), so snprintf() should be used instead.

This fixes coverity issue 124575:
/examples/l2fwd-crypto/main.c: 1005 in l2fwd_crypto_parse_args_long_options()
>>> CID 124575: (STRING_OVERFLOW)
>>> You might overrun the 32 byte fixed-size string
"options->string_auth_algo" by copying "optarg" without checking the length.
1005 strcpy(options->string_auth_algo, optarg);

Fixes: 49f79e86480d ("examples/l2fwd-crypto: add missing string initialization")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...

examples/l2fwd-crypto: fix build with icc

Fix for compilation errors for icc:
error #188: enumerated type mixed with another type

Fixes: 00c58901f1b3 ("examples/l2fwd-crypto: use key-value list of

examples/l2fwd-crypto: fix build with icc

Fix for compilation errors for icc:
error #188: enumerated type mixed with another type

Fixes: 00c58901f1b3 ("examples/l2fwd-crypto: use key-value list of supported algorithms")

Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

ethdev: use constants for link state

Define and use ETH_LINK_UP and ETH_LINK_DOWN where appropriate.

Signed-off-by: Marc Sune <marcdevel@gmail.com>
Signed-off-by: Thomas Monjalon <thomas.monjalon@6

ethdev: use constants for link state

Define and use ETH_LINK_UP and ETH_LINK_DOWN where appropriate.

Signed-off-by: Marc Sune <marcdevel@gmail.com>
Signed-off-by: Thomas Monjalon <thomas.monjalon@6wind.com>

show more ...

examples/l2fwd-crypto: extend crypto information

Display extra crypto information (algorithms, keys/IV/AAD used, chain...),
so user can know exactly what operations are being carried out.

Signed-of

examples/l2fwd-crypto: extend crypto information

Display extra crypto information (algorithms, keys/IV/AAD used, chain...),
so user can know exactly what operations are being carried out.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Tested-by: Min Cao <min.cao@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...

examples/l2fwd-crypto: use key-value list of supported algorithms

In order to ease the parsing and display of supported algorithms
in the application, two new arrays are created, which contains
the

examples/l2fwd-crypto: use key-value list of supported algorithms

In order to ease the parsing and display of supported algorithms
in the application, two new arrays are created, which contains
the strings of the different cipher and authentication algorithms,

These lists are used to parse the algorithms from the command line,
and will be used to display crypto information to the user.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...

examples/l2fwd-crypto: clarify key parsing in help

Cipher/Auth keys, AAD and IV must be passed from command line
with ":" between bytes, but help was not clarifying that.

Signed-off-by: Pablo de La

examples/l2fwd-crypto: clarify key parsing in help

Cipher/Auth keys, AAD and IV must be passed from command line
with ":" between bytes, but help was not clarifying that.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...

examples/l2fwd-crypto: fix ambiguous input key size

Some crypto algorithms support more than one key size
(including cipher key, authentication key, IV and AAD),
but the app was using always the min

examples/l2fwd-crypto: fix ambiguous input key size

Some crypto algorithms support more than one key size
(including cipher key, authentication key, IV and AAD),
but the app was using always the minimum size.

These changes allows the user to use an specific size,
either from the string provided with cipher_key, auth_key, iv and ADD
parameters, or from the values provided with cipher_key_random_size,
auth_key_random_size, iv_random_size and aad_random_size.

This also allows the user to specify the digest size.

Fixes: 1df9c0109f4c ("examples/l2fwd-crypto: parse key parameters")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Tested-by: Min Cao <min.cao@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

show more ...