[dpdk-dev] [PATCH 4/6] crypto/octeontx2: improve error handling in session configure

Anoob Joseph anoobj at marvell.com
Sat May 16 11:26:56 CEST 2020


Session configure should return -ENOTSUP in case of unsupported xform
requests. Moving the validation of combinations out of cpt, as the
feature support will not be same across OCTEON TX and OCTEON TX2.

Signed-off-by: Ankur Dwivedi <adwivedi at marvell.com>
Signed-off-by: Anoob Joseph <anoobj at marvell.com>
---
 drivers/crypto/octeontx2/otx2_cryptodev_ops.c | 43 +++++++++++++++++++++++----
 1 file changed, 38 insertions(+), 5 deletions(-)

diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
index 0ae04c5..ad292a0 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c
@@ -312,6 +312,41 @@ otx2_cpt_qp_destroy(const struct rte_cryptodev *dev, struct otx2_cpt_qp *qp)
 }
 
 static int
+sym_xform_verify(struct rte_crypto_sym_xform *xform)
+{
+	if (xform->next) {
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->next->auth.algo == RTE_CRYPTO_AUTH_SHA1)
+			return -ENOTSUP;
+
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->auth.algo == RTE_CRYPTO_AUTH_SHA1 &&
+		    xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
+		    xform->next->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC)
+			return -ENOTSUP;
+
+	} else {
+		if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
+		    xform->auth.algo == RTE_CRYPTO_AUTH_NULL &&
+		    xform->auth.op == RTE_CRYPTO_AUTH_OP_VERIFY)
+			return -ENOTSUP;
+	}
+	return 0;
+}
+
+static int
 sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 		      struct rte_cryptodev_sym_session *sess,
 		      struct rte_mempool *pool)
@@ -320,10 +355,9 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 	void *priv;
 	int ret;
 
-	if (unlikely(cpt_is_algo_supported(xform))) {
-		CPT_LOG_ERR("Crypto xform not supported");
-		return -ENOTSUP;
-	}
+	ret = sym_xform_verify(xform);
+	if (unlikely(ret))
+		return ret;
 
 	if (unlikely(rte_mempool_get(pool, &priv))) {
 		CPT_LOG_ERR("Could not allocate session private data");
@@ -373,7 +407,6 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 priv_put:
 	rte_mempool_put(pool, priv);
 
-	CPT_LOG_ERR("Crypto xform not supported");
 	return -ENOTSUP;
 }
 
-- 
2.7.4



More information about the dev mailing list