patch 'crypto/ccp: fix IOVA handling' has been queued to stable release 21.11.4

Kevin Traynor ktraynor at redhat.com
Thu Feb 23 16:05:21 CET 2023


Hi,

FYI, your patch has been queued to stable release 21.11.4

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/28/23. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable/commit/b2c5b2d8a87130ea095a1b202460927caf0d4d82

Thanks.

Kevin

---
>From b2c5b2d8a87130ea095a1b202460927caf0d4d82 Mon Sep 17 00:00:00 2001
From: David Marchand <david.marchand at redhat.com>
Date: Tue, 4 Oct 2022 11:51:31 +0200
Subject: [PATCH] crypto/ccp: fix IOVA handling

[ upstream commit 9631fb8f10dfafb0547fbf9127b162e62b2bef43 ]

Using IOVA or physical addresses is something that the user (via
--iova-mode=) or the bus code decides.

The crypto/ccp PCI driver should only use rte_mem_virt2iova.
It should not try to decide what to use solely based on the kmod
the PCI device is bound to.

While at it, the global variable sha_ctx looks unsafe and unneeded.
Remove it.

Fixes: 09a0fd736a08 ("crypto/ccp: enable IOMMU")

Signed-off-by: David Marchand <david.marchand at redhat.com>
Acked-by: Sunil Uttarwar <sunilprakashrao.uttarwar at amd.com>
---
 drivers/crypto/ccp/ccp_crypto.c  | 105 ++++++-------------------------
 drivers/crypto/ccp/ccp_dev.c     |   9 +--
 drivers/crypto/ccp/ccp_pci.c     |  34 ----------
 drivers/crypto/ccp/ccp_pci.h     |   3 -
 drivers/crypto/ccp/rte_ccp_pmd.c |   3 -
 5 files changed, 19 insertions(+), 135 deletions(-)

diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c
index 4bab18323b..351d8ac63e 100644
--- a/drivers/crypto/ccp/ccp_crypto.c
+++ b/drivers/crypto/ccp/ccp_crypto.c
@@ -34,6 +34,4 @@
 #include <openssl/hmac.h>
 
-extern int iommu_mode;
-void *sha_ctx;
 /* SHA initial context values */
 uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = {
@@ -749,11 +747,6 @@ ccp_configure_session_cipher(struct ccp_session *sess,
 		return -ENOTSUP;
 	}
-	if (iommu_mode == 2) {
-		sess->cipher.nonce_phys = rte_mem_virt2iova(sess->cipher.nonce);
-		sess->cipher.key_phys = rte_mem_virt2iova(sess->cipher.key_ccp);
-	} else {
-		sess->cipher.nonce_phys = rte_mem_virt2phy(sess->cipher.nonce);
-		sess->cipher.key_phys = rte_mem_virt2phy(sess->cipher.key_ccp);
-	}
+	sess->cipher.nonce_phys = rte_mem_virt2iova(sess->cipher.nonce);
+	sess->cipher.key_phys = rte_mem_virt2iova(sess->cipher.key_ccp);
 	return 0;
 }
@@ -794,5 +787,4 @@ ccp_configure_session_auth(struct ccp_session *sess,
 		sess->auth.ctx_len = CCP_SB_BYTES;
 		sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE;
-		rte_memcpy(sha_ctx, sess->auth.ctx, SHA_COMMON_DIGEST_SIZE);
 		break;
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
@@ -833,5 +825,4 @@ ccp_configure_session_auth(struct ccp_session *sess,
 		sess->auth.ctx_len = CCP_SB_BYTES;
 		sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE;
-		rte_memcpy(sha_ctx, sess->auth.ctx, SHA256_DIGEST_SIZE);
 		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
@@ -896,5 +887,4 @@ ccp_configure_session_auth(struct ccp_session *sess,
 		sess->auth.ctx_len = CCP_SB_BYTES;
 		sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE;
-		rte_memcpy(sha_ctx, sess->auth.ctx, SHA256_DIGEST_SIZE);
 		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
@@ -959,5 +949,4 @@ ccp_configure_session_auth(struct ccp_session *sess,
 		sess->auth.ctx_len = CCP_SB_BYTES << 1;
 		sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE;
-		rte_memcpy(sha_ctx, sess->auth.ctx, SHA512_DIGEST_SIZE);
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
@@ -1024,5 +1013,4 @@ ccp_configure_session_auth(struct ccp_session *sess,
 		sess->auth.ctx_len = CCP_SB_BYTES << 1;
 		sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE;
-		rte_memcpy(sha_ctx, sess->auth.ctx, SHA512_DIGEST_SIZE);
 		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
@@ -1174,11 +1162,6 @@ ccp_configure_session_aead(struct ccp_session *sess,
 		return -ENOTSUP;
 	}
-	if (iommu_mode == 2) {
-		sess->cipher.nonce_phys = rte_mem_virt2iova(sess->cipher.nonce);
-		sess->cipher.key_phys = rte_mem_virt2iova(sess->cipher.key_ccp);
-	} else {
-		sess->cipher.nonce_phys = rte_mem_virt2phy(sess->cipher.nonce);
-		sess->cipher.key_phys = rte_mem_virt2phy(sess->cipher.key_ccp);
-	}
+	sess->cipher.nonce_phys = rte_mem_virt2iova(sess->cipher.nonce);
+	sess->cipher.key_phys = rte_mem_virt2iova(sess->cipher.key_ccp);
 	return 0;
 }
@@ -1595,12 +1578,6 @@ ccp_perform_hmac(struct rte_crypto_op *op,
 	append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src,
 						session->auth.ctx_len);
-	if (iommu_mode == 2) {
-		dest_addr = (phys_addr_t)rte_mem_virt2iova(append_ptr);
-		pst.src_addr = (phys_addr_t)rte_mem_virt2iova((void *)addr);
-	} else {
-		dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr);
-		pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr);
-	}
-	dest_addr_t = dest_addr;
+	dest_addr_t = dest_addr = (phys_addr_t)rte_mem_virt2iova(append_ptr);
+	pst.src_addr = (phys_addr_t)rte_mem_virt2iova((void *)addr);
 
 	/** Load PHash1 to LSB*/
@@ -1684,8 +1661,5 @@ ccp_perform_hmac(struct rte_crypto_op *op,
 	/** Load PHash2 to LSB*/
 	addr += session->auth.ctx_len;
-	if (iommu_mode == 2)
-		pst.src_addr = (phys_addr_t)rte_mem_virt2iova((void *)addr);
-	else
-		pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr);
+	pst.src_addr = (phys_addr_t)rte_mem_virt2iova((void *)addr);
 	pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES);
 	pst.len = session->auth.ctx_len;
@@ -1775,12 +1749,6 @@ ccp_perform_sha(struct rte_crypto_op *op,
 	append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src,
 						session->auth.ctx_len);
-	if (iommu_mode == 2) {
-		dest_addr = (phys_addr_t)rte_mem_virt2iova(append_ptr);
-		pst.src_addr = (phys_addr_t)sha_ctx;
-	} else {
-		dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr);
-		pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)
-						     session->auth.ctx);
-	}
+	pst.src_addr = (phys_addr_t)rte_mem_virt2iova((void *)session->auth.ctx);
+	dest_addr = (phys_addr_t)rte_mem_virt2iova(append_ptr);
 
 	/** Passthru sha context*/
@@ -1872,13 +1840,6 @@ ccp_perform_sha3_hmac(struct rte_crypto_op *op,
 		return -1;
 	}
-	if (iommu_mode == 2) {
-		dest_addr = (phys_addr_t)rte_mem_virt2iova((void *)append_ptr);
-		ctx_paddr = (phys_addr_t)rte_mem_virt2iova(
-					session->auth.pre_compute);
-	} else {
-		dest_addr = (phys_addr_t)rte_mem_virt2phy((void *)append_ptr);
-		ctx_paddr = (phys_addr_t)rte_mem_virt2phy(
-					session->auth.pre_compute);
-	}
+	dest_addr = (phys_addr_t)rte_mem_virt2iova((void *)append_ptr);
+	ctx_paddr = (phys_addr_t)rte_mem_virt2iova(session->auth.pre_compute);
 	dest_addr_t = dest_addr + (session->auth.ctx_len / 2);
 	desc = &cmd_q->qbase_desc[cmd_q->qidx];
@@ -2018,11 +1979,6 @@ ccp_perform_sha3(struct rte_crypto_op *op,
 		return -1;
 	}
-	if (iommu_mode == 2) {
-		dest_addr = (phys_addr_t)rte_mem_virt2iova((void *)append_ptr);
-		ctx_paddr = (phys_addr_t)rte_mem_virt2iova((void *)ctx_addr);
-	} else {
-		dest_addr = (phys_addr_t)rte_mem_virt2phy((void *)append_ptr);
-		ctx_paddr = (phys_addr_t)rte_mem_virt2phy((void *)ctx_addr);
-	}
+	dest_addr = (phys_addr_t)rte_mem_virt2iova((void *)append_ptr);
+	ctx_paddr = (phys_addr_t)rte_mem_virt2iova((void *)ctx_addr);
 
 	ctx_addr = session->auth.sha3_ctx;
@@ -2100,11 +2056,5 @@ ccp_perform_aes_cmac(struct rte_crypto_op *op,
 		ctx_addr = session->auth.pre_compute;
 		memset(ctx_addr, 0, AES_BLOCK_SIZE);
-		if (iommu_mode == 2)
-			pst.src_addr = (phys_addr_t)rte_mem_virt2iova(
-							(void *)ctx_addr);
-		else
-			pst.src_addr = (phys_addr_t)rte_mem_virt2phy(
-							(void *)ctx_addr);
-
+		pst.src_addr = (phys_addr_t)rte_mem_virt2iova((void *)ctx_addr);
 		pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES);
 		pst.len = CCP_SB_BYTES;
@@ -2144,10 +2094,5 @@ ccp_perform_aes_cmac(struct rte_crypto_op *op,
 		ctx_addr = session->auth.pre_compute + CCP_SB_BYTES;
 		memset(ctx_addr, 0, AES_BLOCK_SIZE);
-		if (iommu_mode == 2)
-			pst.src_addr = (phys_addr_t)rte_mem_virt2iova(
-							(void *)ctx_addr);
-		else
-			pst.src_addr = (phys_addr_t)rte_mem_virt2phy(
-							(void *)ctx_addr);
+		pst.src_addr = (phys_addr_t)rte_mem_virt2iova((void *)ctx_addr);
 		pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES);
 		pst.len = CCP_SB_BYTES;
@@ -2343,10 +2288,5 @@ ccp_perform_3des(struct rte_crypto_op *op,
 		rte_memcpy(lsb_buf + (CCP_SB_BYTES - session->iv.length),
 			   iv, session->iv.length);
-		if (iommu_mode == 2)
-			pst.src_addr = (phys_addr_t)rte_mem_virt2iova(
-							(void *) lsb_buf);
-		else
-			pst.src_addr = (phys_addr_t)rte_mem_virt2phy(
-							(void *) lsb_buf);
+		pst.src_addr = (phys_addr_t)rte_mem_virt2iova((void *) lsb_buf);
 		pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES);
 		pst.len = CCP_SB_BYTES;
@@ -2371,9 +2311,5 @@ ccp_perform_3des(struct rte_crypto_op *op,
 		dest_addr = src_addr;
 
-	if (iommu_mode == 2)
-		key_addr = rte_mem_virt2iova(session->cipher.key_ccp);
-	else
-		key_addr = rte_mem_virt2phy(session->cipher.key_ccp);
-
+	key_addr = rte_mem_virt2iova(session->cipher.key_ccp);
 	desc = &cmd_q->qbase_desc[cmd_q->qidx];
 
@@ -2769,10 +2705,5 @@ process_ops_to_enqueue(struct ccp_qp *qp,
 	b_info->desccnt = 0;
 	b_info->cmd_q = cmd_q;
-	if (iommu_mode == 2)
-		b_info->lsb_buf_phys =
-			(phys_addr_t)rte_mem_virt2iova((void *)b_info->lsb_buf);
-	else
-		b_info->lsb_buf_phys =
-			(phys_addr_t)rte_mem_virt2phy((void *)b_info->lsb_buf);
+	b_info->lsb_buf_phys = (phys_addr_t)rte_mem_virt2iova((void *)b_info->lsb_buf);
 
 	rte_atomic64_sub(&b_info->cmd_q->free_slots, slots_req);
diff --git a/drivers/crypto/ccp/ccp_dev.c b/drivers/crypto/ccp/ccp_dev.c
index 3f00b2522b..54c568afd1 100644
--- a/drivers/crypto/ccp/ccp_dev.c
+++ b/drivers/crypto/ccp/ccp_dev.c
@@ -24,5 +24,4 @@
 #include "ccp_pmd_private.h"
 
-int iommu_mode;
 struct ccp_list ccp_list = TAILQ_HEAD_INITIALIZER(ccp_list);
 static int ccp_dev_id;
@@ -653,5 +652,5 @@ static int
 ccp_probe_device(int ccp_type, struct rte_pci_device *pci_dev)
 {
-	struct ccp_device *ccp_dev = NULL;
+	struct ccp_device *ccp_dev;
 
 	ccp_dev = rte_zmalloc("ccp_device", sizeof(*ccp_dev),
@@ -685,14 +684,8 @@ ccp_probe_devices(struct rte_pci_device *pci_dev,
 	DIR *dir;
 	int ret = 0;
-	int module_idx = 0;
 	uint16_t domain;
 	uint8_t bus, devid, function;
 	char dirname[PATH_MAX];
 
-	module_idx = ccp_check_pci_uio_module();
-	if (module_idx < 0)
-		return -1;
-
-	iommu_mode = module_idx;
 	TAILQ_INIT(&ccp_list);
 	dir = opendir(SYSFS_PCI_DEVICES);
diff --git a/drivers/crypto/ccp/ccp_pci.c b/drivers/crypto/ccp/ccp_pci.c
index c941e222c7..bd1a037f76 100644
--- a/drivers/crypto/ccp/ccp_pci.c
+++ b/drivers/crypto/ccp/ccp_pci.c
@@ -12,38 +12,4 @@
 
 #include "ccp_pci.h"
-#include "ccp_pmd_private.h"
-
-static const char * const uio_module_names[] = {
-	"igb_uio",
-	"uio_pci_generic",
-	"vfio_pci"
-};
-
-int
-ccp_check_pci_uio_module(void)
-{
-	FILE *fp;
-	int i;
-	char buf[BUFSIZ];
-
-	fp = fopen(PROC_MODULES, "r");
-	if (fp == NULL)
-		return -1;
-	i = 0;
-	while (uio_module_names[i] != NULL) {
-		while (fgets(buf, sizeof(buf), fp) != NULL) {
-			if (!strncmp(buf, uio_module_names[i],
-				     strlen(uio_module_names[i]))) {
-				fclose(fp);
-				return i;
-			}
-		}
-		i++;
-		rewind(fp);
-	}
-	fclose(fp);
-	CCP_LOG_DBG("Insert igb_uio or uio_pci_generic kernel module(s)");
-	return -1;/* uio not inserted */
-}
 
 /*
diff --git a/drivers/crypto/ccp/ccp_pci.h b/drivers/crypto/ccp/ccp_pci.h
index 7ed3bac406..f393a04d6f 100644
--- a/drivers/crypto/ccp/ccp_pci.h
+++ b/drivers/crypto/ccp/ccp_pci.h
@@ -11,7 +11,4 @@
 
 #define SYSFS_PCI_DEVICES "/sys/bus/pci/devices"
-#define PROC_MODULES "/proc/modules"
-
-int ccp_check_pci_uio_module(void);
 
 int ccp_parse_pci_addr_format(const char *buf, int bufsize, uint16_t *domain,
diff --git a/drivers/crypto/ccp/rte_ccp_pmd.c b/drivers/crypto/ccp/rte_ccp_pmd.c
index c5ec952e36..0d84c8cd0e 100644
--- a/drivers/crypto/ccp/rte_ccp_pmd.c
+++ b/drivers/crypto/ccp/rte_ccp_pmd.c
@@ -23,5 +23,4 @@ static unsigned int ccp_pmd_init_done;
 uint8_t ccp_cryptodev_driver_id;
 uint8_t cryptodev_cnt;
-extern void *sha_ctx;
 
 struct ccp_pmd_init_params {
@@ -214,5 +213,4 @@ cryptodev_ccp_remove(struct rte_pci_device *pci_dev)
 
 	ccp_pmd_init_done = 0;
-	rte_free(sha_ctx);
 
 	RTE_LOG(INFO, PMD, "Closing ccp device %s on numa socket %u\n",
@@ -301,5 +299,4 @@ cryptodev_ccp_probe(struct rte_pci_driver *pci_drv __rte_unused,
 	};
 
-	sha_ctx = (void *)rte_malloc(NULL, SHA512_DIGEST_SIZE, 64);
 	if (ccp_pmd_init_done) {
 		RTE_LOG(INFO, PMD, "CCP PMD already initialized\n");
-- 
2.39.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2023-02-23 14:46:24.561726299 +0000
+++ 0030-crypto-ccp-fix-IOVA-handling.patch	2023-02-23 14:46:23.745235879 +0000
@@ -1 +1 @@
-From 9631fb8f10dfafb0547fbf9127b162e62b2bef43 Mon Sep 17 00:00:00 2001
+From b2c5b2d8a87130ea095a1b202460927caf0d4d82 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 9631fb8f10dfafb0547fbf9127b162e62b2bef43 ]
+
@@ -17 +18,0 @@
-Cc: stable at dpdk.org
@@ -30 +31 @@
-index b21b32e507..2758187d93 100644
+index 4bab18323b..351d8ac63e 100644
@@ -98 +99 @@
-@@ -1593,12 +1576,6 @@ ccp_perform_hmac(struct rte_crypto_op *op,
+@@ -1595,12 +1578,6 @@ ccp_perform_hmac(struct rte_crypto_op *op,
@@ -113 +114 @@
-@@ -1682,8 +1659,5 @@ ccp_perform_hmac(struct rte_crypto_op *op,
+@@ -1684,8 +1661,5 @@ ccp_perform_hmac(struct rte_crypto_op *op,
@@ -123 +124 @@
-@@ -1771,12 +1745,6 @@ ccp_perform_sha(struct rte_crypto_op *op,
+@@ -1775,12 +1749,6 @@ ccp_perform_sha(struct rte_crypto_op *op,
@@ -138 +139 @@
-@@ -1866,13 +1834,6 @@ ccp_perform_sha3_hmac(struct rte_crypto_op *op,
+@@ -1872,13 +1840,6 @@ ccp_perform_sha3_hmac(struct rte_crypto_op *op,
@@ -154 +155 @@
-@@ -2010,11 +1971,6 @@ ccp_perform_sha3(struct rte_crypto_op *op,
+@@ -2018,11 +1979,6 @@ ccp_perform_sha3(struct rte_crypto_op *op,
@@ -168 +169 @@
-@@ -2090,11 +2046,5 @@ ccp_perform_aes_cmac(struct rte_crypto_op *op,
+@@ -2100,11 +2056,5 @@ ccp_perform_aes_cmac(struct rte_crypto_op *op,
@@ -181 +182 @@
-@@ -2134,10 +2084,5 @@ ccp_perform_aes_cmac(struct rte_crypto_op *op,
+@@ -2144,10 +2094,5 @@ ccp_perform_aes_cmac(struct rte_crypto_op *op,
@@ -193 +194 @@
-@@ -2329,10 +2274,5 @@ ccp_perform_3des(struct rte_crypto_op *op,
+@@ -2343,10 +2288,5 @@ ccp_perform_3des(struct rte_crypto_op *op,
@@ -205 +206 @@
-@@ -2357,9 +2297,5 @@ ccp_perform_3des(struct rte_crypto_op *op,
+@@ -2371,9 +2311,5 @@ ccp_perform_3des(struct rte_crypto_op *op,
@@ -216 +217 @@
-@@ -2747,10 +2683,5 @@ process_ops_to_enqueue(struct ccp_qp *qp,
+@@ -2769,10 +2705,5 @@ process_ops_to_enqueue(struct ccp_qp *qp,
@@ -229 +230 @@
-index 410e62121e..14c54929c4 100644
+index 3f00b2522b..54c568afd1 100644
@@ -245 +246 @@
-@@ -684,14 +683,8 @@ ccp_probe_devices(struct rte_pci_device *pci_dev,
+@@ -685,14 +684,8 @@ ccp_probe_devices(struct rte_pci_device *pci_dev,
@@ -304 +305 @@
-index 6736bf8ad3..d9a8b9dcc6 100644
+index 7ed3bac406..f393a04d6f 100644
@@ -316 +317 @@
-index bcb621234c..661a796116 100644
+index c5ec952e36..0d84c8cd0e 100644
@@ -325 +326 @@
-@@ -201,5 +200,4 @@ cryptodev_ccp_remove(struct rte_pci_device *pci_dev)
+@@ -214,5 +213,4 @@ cryptodev_ccp_remove(struct rte_pci_device *pci_dev)
@@ -331 +332 @@
-@@ -288,5 +286,4 @@ cryptodev_ccp_probe(struct rte_pci_driver *pci_drv __rte_unused,
+@@ -301,5 +299,4 @@ cryptodev_ccp_probe(struct rte_pci_driver *pci_drv __rte_unused,



More information about the stable mailing list