cryptodev: add asymmetric operational capability

Asymmetric crypto algorithms such as SM2, EdDSA would need per op
capability and based on it, the input param to a crypto operation
is chosen wisely.

cryptodev: add asymmetric operational capability

Asymmetric crypto algorithms such as SM2, EdDSA would need per op
capability and based on it, the input param to a crypto operation
is chosen wisely.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>

show more ...

cryptodev: add queue pair reset API

The API will reset the specific queue pair of a cryptodev.
The current API, cryptodev_queue_pair_setup(), requires the cryptodev
to be stopped before reconfigurin

cryptodev: add queue pair reset API

The API will reset the specific queue pair of a cryptodev.
The current API, cryptodev_queue_pair_setup(), requires the cryptodev
to be stopped before reconfiguring any queue pair. Stopping the
cryptodev in one thread can result in a segmentation fault when
multiple queues are used for enqueue and dequeue operations.

On supported PMDs, the cryptodev_queue_pair_reset() will
reconfigure/reset the queue pair without affecting other queues or
the cryptodev state.

The caller should ensure that there are no enqueue or dequeue operations
ongoing on that queue and that there are no inflight packets before
calling this API.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: add queue pair priority

Added a new field priority in `rte_cryptodev_qp_conf`,
to set the queue pair priority while setting up.
The priorities can be set between
`RTE_CRYPTODEV_QP_PRIORIT

cryptodev: add queue pair priority

Added a new field priority in `rte_cryptodev_qp_conf`,
to set the queue pair priority while setting up.
The priorities can be set between
`RTE_CRYPTODEV_QP_PRIORITY_HIGHEST` and
`RTE_CRYPTODEV_QP_PRIORITY_LOWEST`.
The underlying implementation may normalize the value
as per the supported priority levels.
If the implementation does not support setting up
priority, all queue pairs will be on same priority level
and this field will be ignored.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>

show more ...

use C linkage where appropriate in headers

Assure that 'extern "C" { /../ }' do not cover files included from a
particular header file, and address minor issues resulting from this
change of order.

use C linkage where appropriate in headers

Assure that 'extern "C" { /../ }' do not cover files included from a
particular header file, and address minor issues resulting from this
change of order.

Dealing with C++ should delegate to the individual include file level,
rather than being imposed by the user of that file. For example,
forcing C linkage prevents __Generic macros being replaced with
overloaded static inline functions in C++ translation units.

Eliminate 'extern "C"' from files which do not declare any symbols
(e.g., only macros or struct types).

On the other hand, the headers check is too naive in assuming that all
headers must contain a 'extern "C"'. Such a check was added in commit
1ee492bdc4ff ("buildtools/chkincs: check missing C++ guards").
Since this current change results in many headers not containing such
a token, remove the check for 'extern "C"' until we have a better
implementation.

Signed-off-by: Mattias Rönnblom <mattias.ronnblom@ericsson.com>
Acked-by: Morten Brørup <mb@smartsharesystems.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>

show more ...

cryptodev: validate crypto callbacks from next node

Crypto callbacks are invoked on checking from head node
which is always valid pointer.

This patch checks next node from the head node if callback

cryptodev: validate crypto callbacks from next node

Crypto callbacks are invoked on checking from head node
which is always valid pointer.

This patch checks next node from the head node if callbacks
registered before invoking callbacks.

Fixes: 1c3ffb95595e ("cryptodev: add enqueue and dequeue callbacks")
Cc: stable@dpdk.org

Signed-off-by: Ganapati Kundapura <ganapati.kundapura@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: add API to get used queue pair depth

Added a new fast path API to get used queue pair
descriptors of a specific queue pair of a device.
Applications may monitor the depth used and enqueue

cryptodev: add API to get used queue pair depth

Added a new fast path API to get used queue pair
descriptors of a specific queue pair of a device.
Applications may monitor the depth used and enqueue
crypto ops accordingly.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>

show more ...

remove extension keyword for flex arrays

Flex arrays are part of the C99 standard.
No need to mark them with __extension__.

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Morte

remove extension keyword for flex arrays

Flex arrays are part of the C99 standard.
No need to mark them with __extension__.

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Morten Brørup <mb@smartsharesystems.com>

show more ...

lib: use log helper with prefix

Use RTE_LOG_LINE_PREFIX instead of RTE_LOG_LINE in macro expansions
which allows a prefix and arguments to be inserted into the log line
without the need to use the #

lib: use log helper with prefix

Use RTE_LOG_LINE_PREFIX instead of RTE_LOG_LINE in macro expansions
which allows a prefix and arguments to be inserted into the log line
without the need to use the ## args variadic argument pack extension.

Signed-off-by: Tyler Retzlaff <roretzla@linux.microsoft.com>
Acked-by: Morten Brørup <mb@smartsharesystems.com>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Konstantin Ananyev <konstantin.ananyev@huawei.com>

show more ...

cryptodev: remove unused extern variable

The variable rte_cyptodev_names is unused and misspelled.

Fixes: c0f87eb5252b ("cryptodev: change burst API to be crypto op oriented")
Cc: stable@dpdk.org

cryptodev: remove unused extern variable

The variable rte_cyptodev_names is unused and misspelled.

Fixes: c0f87eb5252b ("cryptodev: change burst API to be crypto op oriented")
Cc: stable@dpdk.org

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

lib: use per line logging in helpers

Use RTE_LOG_LINE in existing macros that append a \n.
This will help catching unwanted newline character or multilines
in log messages.

Signed-off-by: David Mar

lib: use per line logging in helpers

Use RTE_LOG_LINE in existing macros that append a \n.
This will help catching unwanted newline character or multilines
in log messages.

Signed-off-by: David Marchand <david.marchand@redhat.com>
Reviewed-by: Chengwen Feng <fengchengwen@huawei.com>
Reviewed-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>

show more ...

cryptodev: use a dynamic logtype

The cryptodev logs are all referenced via rte_cryptodev.h,
so make it dynamic there.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Akhil G

cryptodev: use a dynamic logtype

The cryptodev logs are all referenced via rte_cryptodev.h,
so make it dynamic there.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: promote some functions as stable

All the cryptodev API's from 2022 backwards should be stable
at this point.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Akhil

cryptodev: promote some functions as stable

All the cryptodev API's from 2022 backwards should be stable
at this point.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: use stdatomic API

Replace the use of gcc builtin __atomic_xxx intrinsics with
corresponding rte_atomic_xxx optional stdatomic API

Signed-off-by: Tyler Retzlaff <roretzla@linux.microsoft.

cryptodev: use stdatomic API

Replace the use of gcc builtin __atomic_xxx intrinsics with
corresponding rte_atomic_xxx optional stdatomic API

Signed-off-by: Tyler Retzlaff <roretzla@linux.microsoft.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Konstantin Ananyev <konstantin.v.ananyev@yandex.ru>
Acked-by: David Marchand <david.marchand@redhat.com>

show more ...

security: add fallback security processing and Rx inject

Add alternate datapath API for security processing which would do Rx
injection (similar to loopback) after successful security processing.

W

security: add fallback security processing and Rx inject

Add alternate datapath API for security processing which would do Rx
injection (similar to loopback) after successful security processing.

With inline protocol offload, variable part of the session context
(AR windows, lifetime etc in case of IPsec), is not accessible to the
application. If packets are not getting processed in the inline path
due to non security reasons (such as outer fragmentation or rte_flow
packet steering limitations), then the packet cannot be security
processed as the session context is private to the PMD and security
library doesn't provide alternate APIs to make use of the same session.

Introduce new API and Rx injection as fallback mechanism to security
processing failures due to non-security reasons. For example, when there
is outer fragmentation and PMD doesn't support reassembly of outer
fragments, application would receive fragments which it can then
reassemble. Post successful reassembly, packet can be submitted for
security processing and Rx inject. The packets can be then received in
the application as normal inline protocol processed packets.

Same API can be leveraged in lookaside protocol offload mode to inject
packet to Rx. This would help in using rte_flow based packet parsing
after security processing. For example, with IPsec, this will help in
flow splitting after IPsec processing is done.

In both inline protocol capable ethdevs and lookaside protocol capable
cryptodevs, the packet would be received back in eth port & queue based
on rte_flow rules and packet parsing after security processing. The API
would behave like a loopback but with the additional security
processing.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: add RNG capability in EC based xform

Elliptic curve based asymmetric operations use cryptographically
secure random number in its computation. If PMD supports RNG
for such ops, the applic

cryptodev: add RNG capability in EC based xform

Elliptic curve based asymmetric operations use cryptographically
secure random number in its computation. If PMD supports RNG
for such ops, the application could skip computing on its own.
This patch adds new field in asymmetric capability to declare
this capability.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>

show more ...

cryptodev: add hash algorithms in asymmetric capability

Most of the asymmetric operations start with hash of the input.
But a PMD might also support only plain input (eg openssl).
Add a new field in

cryptodev: add hash algorithms in asymmetric capability

Most of the asymmetric operations start with hash of the input.
But a PMD might also support only plain input (eg openssl).
Add a new field in asymmetric capability to declare support
for hash operations that PMD can support for the asymmetric
operations. Application can skip computing hash if PMD already
supports it.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>

show more ...

cryptodev: add missing doc for security context

Description for rte_cryptodev_get_sec_ctx is missing. Add the same.

Fixes: eadb4fa1e1fe ("cryptodev: support security APIs")
Cc: stable@dpdk.org

Sig

cryptodev: add missing doc for security context

Description for rte_cryptodev_get_sec_ctx is missing. Add the same.

Fixes: eadb4fa1e1fe ("cryptodev: support security APIs")
Cc: stable@dpdk.org

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

remove C11 compatibility macro

C11 conformant compiler is documented as a minimum requirement to build
and consume DPDK.
Remove use of RTE_STD_C11 macro marking use of C11 features with
__extension_

remove C11 compatibility macro

C11 conformant compiler is documented as a minimum requirement to build
and consume DPDK.
Remove use of RTE_STD_C11 macro marking use of C11 features with
__extension__ since it is no longer necessary and then remove definition
of RTE_STD_C11 macro.

Signed-off-by: Tyler Retzlaff <roretzla@linux.microsoft.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Morten Brørup <mb@smartsharesystems.com>

show more ...

lib: restrict use of keyword extern

Variable declarations in header files are using extern, it is valid.
But function declarations do not need the keyword extern.

Also, extern "C" should have a spa

lib: restrict use of keyword extern

Variable declarations in header files are using extern, it is valid.
But function declarations do not need the keyword extern.

Also, extern "C" should have a space after the keyword extern.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>

show more ...

lib: remove extra asterisks ending comment blocks

A comment should always be terminated with */

Extra asterisks were found with this kind of command:
git grep '\* *\*/' lib

Signed-off-by: Thomas

lib: remove extra asterisks ending comment blocks

A comment should always be terminated with */

Extra asterisks were found with this kind of command:
git grep '\* *\*/' lib

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>

show more ...

lib: remove blank line ending comment blocks

At the end of a comment, no need for an extra line.

This pattern was fixed with the following command:
git ls lib | xargs sed -i '/^ *\* *$/{N;/ *\*\/ *

lib: remove blank line ending comment blocks

At the end of a comment, no need for an extra line.

This pattern was fixed with the following command:
git ls lib | xargs sed -i '/^ *\* *$/{N;/ *\*\/ *$/D;}'

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>

show more ...

cryptodev: update raw datapath API documentation

Clarified the error codes returned by rte_cryptodev_raw_dp_ctx.
Cryptodev can return -ENOTSUP to indicate
any unsupported features with raw APIs.

Re

cryptodev: update raw datapath API documentation

Clarified the error codes returned by rte_cryptodev_raw_dp_ctx.
Cryptodev can return -ENOTSUP to indicate
any unsupported features with raw APIs.

Remove redundant references about 'rte_cryptodev_raw_attach_session()'.
The API is not part of the specification.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: clarify error codes for symmetric session

When symmetric sessions are created, it may fail due to non-critical
errors. When PMD doesn't support the specific combination that
application r

cryptodev: clarify error codes for symmetric session

When symmetric sessions are created, it may fail due to non-critical
errors. When PMD doesn't support the specific combination that
application requested, it can return -ENOTSUP which can be handled so in
application. The API is already setting rte_errno according to the
reason of the failure. Clarifying this in the spec to list down possible
error codes.

Fixes: bdce2564dbf7 ("cryptodev: rework session framework")
Cc: stable@dpdk.org

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Ciara Power <ciara.power@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

doc: fix code blocks in cryptodev guide

Certain structures were replicated in programmer's guide,
which resulted in mismatch when that structure is changed
in future releases.
Added literal includes

doc: fix code blocks in cryptodev guide

Certain structures were replicated in programmer's guide,
which resulted in mismatch when that structure is changed
in future releases.
Added literal includes to copy code block while compiling.

Fixes: 0318c02b57cf ("doc: add cryptodev chapter in prog guide")
Cc: stable@dpdk.org

Reported-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Ciara Power <ciara.power@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>

show more ...

cryptodev: fix sym session mempool creation description

After the session mempool creation API is changed, some
description is no longer valid. This patch fixes the
descriptions in both API comment

cryptodev: fix sym session mempool creation description

After the session mempool creation API is changed, some
description is no longer valid. This patch fixes the
descriptions in both API comment and the programmer's guide.

Fixes: bdce2564dbf7 ("cryptodev: rework session framework")
Cc: stable@dpdk.org

Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...