[PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability

Anoob Joseph anoobj at marvell.com
Mon May 2 09:42:33 CEST 2022

Previous message (by thread): [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability
Next message (by thread): [PATCH] doc: update Linux core isolation guide
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Vamsi,

Please see inline.

Thanks,
Anoob

> -----Original Message-----
> From: Vamsi Attunuru <vattunuru at marvell.com>
> Sent: Saturday, April 30, 2022 11:07 AM
> To: dev at dpdk.org
> Cc: Anoob Joseph <anoobj at marvell.com>; Akhil Goyal
> <gakhil at marvell.com>; Vamsi Krishna Attunuru <vattunuru at marvell.com>
> Subject: [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability
> 
> Patch enables 3DES-CBC secure capability of crypto device.
> 
> Signed-off-by: Vamsi Attunuru <vattunuru at marvell.com>
> ---
>  drivers/crypto/cnxk/cnxk_cryptodev.h          |  2 +-
>  .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 24 +++++++++++++++++++
>  drivers/crypto/cnxk/cnxk_ipsec.h              |  3 ++-
>  3 files changed, 27 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h
> b/drivers/crypto/cnxk/cnxk_cryptodev.h
> index b75d681185..8870021725 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev.h
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
> @@ -11,7 +11,7 @@
>  #include "roc_cpt.h"
> 
>  #define CNXK_CPT_MAX_CAPS	 35
> -#define CNXK_SEC_CRYPTO_MAX_CAPS 12
> +#define CNXK_SEC_CRYPTO_MAX_CAPS 13
>  #define CNXK_SEC_MAX_CAPS	 9
>  #define CNXK_AE_EC_ID_MAX	 8
>  /**
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> index 98b002d93a..ba9eaf2325 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> @@ -862,6 +862,29 @@ static const struct rte_cryptodev_capabilities
> sec_caps_aes[] = {
>  	},
>  };
> 
> +static const struct rte_cryptodev_capabilities sec_caps_des[] = {
> +	{	/* 3DES CBC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> +			{.cipher = {
> +				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> +				.block_size = 8,
> +				.key_size = {
> +					.min = 24,
> +					.max = 24,
> +					.increment = 0
> +				},
> +				.iv_size = {
> +					.min = 8,
> +					.max = 16,
> +					.increment = 8
> +				}
> +			}, }
> +		}, }
> +	}
> +};
> +
>  static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
>  	{	/* SHA1 HMAC */
>  		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> @@ -1195,6 +1218,7 @@ sec_crypto_caps_populate(struct
> rte_cryptodev_capabilities cnxk_caps[],
>  	int cur_pos = 0;
> 
>  	SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, aes);
> +	SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, des);
>  	SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, sha1_sha2);
> 
>  	if (roc_model_is_cn10k())
> diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h
> b/drivers/crypto/cnxk/cnxk_ipsec.h
> index 171ea2774e..7c7833ac1b 100644
> --- a/drivers/crypto/cnxk/cnxk_ipsec.h
> +++ b/drivers/crypto/cnxk/cnxk_ipsec.h
> @@ -24,7 +24,8 @@ ipsec_xform_cipher_verify(struct
> rte_crypto_sym_xform *crypto_xform)
>  		return 0;
> 
>  	if (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC ||
> -	    crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR) {
> +	    crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR ||
> +	    crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC) {

[Anoob] We can support only key.length as 24 with 3DES. Rest of the checks are for AES. Please introduce a separate check for 3DES.

Rest of the patch looks good.
 
>  		switch (crypto_xform->cipher.key.length) {
>  		case 16:
>  		case 24:
> --
> 2.25.1

Previous message (by thread): [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability
Next message (by thread): [PATCH] doc: update Linux core isolation guide
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list