crypto/dpaax_sec: enhance GCM descs to not skip AAD
authorVakul Garg <vakul.garg@nxp.com>
Mon, 14 Oct 2019 06:53:24 +0000 (12:23 +0530)
committerAkhil Goyal <akhil.goyal@nxp.com>
Wed, 23 Oct 2019 14:57:06 +0000 (16:57 +0200)
The GCM descriptors needlessly skip auth_only_len bytes from output
buffer. Due to this, workarounds have to be made in dpseci driver code.
Also this leads to failing of one cryptodev test case for gcm. In this
patch, we change the descriptor construction and adjust dpaaX_sec
accordingly. The test_AES_GCM_auth_encrypt_SGL_out_of_place_400B_1seg
now passes.

Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
drivers/crypto/dpaa2_sec/hw/desc/algo.h
drivers/crypto/dpaa_sec/dpaa_sec.c

index 4b2c1bb..7efa08b 100644 (file)
@@ -350,14 +350,13 @@ build_authenc_gcm_sg_fd(dpaa2_sec_session *sess,
                DPAA2_SET_FLE_INTERNAL_JD(op_fle, auth_only_len);
 
        op_fle->length = (sess->dir == DIR_ENC) ?
-                       (sym_op->aead.data.length + icv_len + auth_only_len) :
-                       sym_op->aead.data.length + auth_only_len;
+                       (sym_op->aead.data.length + icv_len) :
+                       sym_op->aead.data.length;
 
        /* Configure Output SGE for Encap/Decap */
        DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(mbuf));
-       DPAA2_SET_FLE_OFFSET(sge, mbuf->data_off +
-                       RTE_ALIGN_CEIL(auth_only_len, 16) - auth_only_len);
-       sge->length = mbuf->data_len - sym_op->aead.data.offset + auth_only_len;
+       DPAA2_SET_FLE_OFFSET(sge, mbuf->data_off + sym_op->aead.data.offset);
+       sge->length = mbuf->data_len - sym_op->aead.data.offset;
 
        mbuf = mbuf->next;
        /* o/p segs */
@@ -510,24 +509,21 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
        if (auth_only_len)
                DPAA2_SET_FLE_INTERNAL_JD(fle, auth_only_len);
        fle->length = (sess->dir == DIR_ENC) ?
-                       (sym_op->aead.data.length + icv_len + auth_only_len) :
-                       sym_op->aead.data.length + auth_only_len;
+                       (sym_op->aead.data.length + icv_len) :
+                       sym_op->aead.data.length;
 
        DPAA2_SET_FLE_SG_EXT(fle);
 
        /* Configure Output SGE for Encap/Decap */
        DPAA2_SET_FLE_ADDR(sge, DPAA2_MBUF_VADDR_TO_IOVA(dst));
-       DPAA2_SET_FLE_OFFSET(sge, dst->data_off +
-                       RTE_ALIGN_CEIL(auth_only_len, 16) - auth_only_len);
-       sge->length = sym_op->aead.data.length + auth_only_len;
+       DPAA2_SET_FLE_OFFSET(sge, dst->data_off + sym_op->aead.data.offset);
+       sge->length = sym_op->aead.data.length;
 
        if (sess->dir == DIR_ENC) {
                sge++;
                DPAA2_SET_FLE_ADDR(sge,
                                DPAA2_VADDR_TO_IOVA(sym_op->aead.digest.data));
                sge->length = sess->digest_length;
-               DPAA2_SET_FD_LEN(fd, (sym_op->aead.data.length +
-                                       sess->iv.length + auth_only_len));
        }
        DPAA2_SET_FLE_FIN(sge);
 
@@ -566,10 +562,6 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
                       sess->digest_length);
                DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_icv));
                sge->length = sess->digest_length;
-               DPAA2_SET_FD_LEN(fd, (sym_op->aead.data.length +
-                                sess->digest_length +
-                                sess->iv.length +
-                                auth_only_len));
        }
        DPAA2_SET_FLE_FIN(sge);
 
@@ -578,6 +570,7 @@ build_authenc_gcm_fd(dpaa2_sec_session *sess,
                DPAA2_SET_FD_INTERNAL_JD(fd, auth_only_len);
        }
 
+       DPAA2_SET_FD_LEN(fd, fle->length);
        return 0;
 }
 
index 32ce787..c41cb22 100644 (file)
@@ -649,11 +649,6 @@ cnstr_shdsc_gcm_encap(uint32_t *descbuf, bool ps, bool swap,
        MATHB(p, ZERO, ADD, MATH3, VSEQINSZ, 4, 0);
        pzeroassocjump1 = JUMP(p, zeroassocjump1, LOCAL_JUMP, ALL_TRUE, MATH_Z);
 
-       MATHB(p, ZERO, ADD, MATH3, VSEQOUTSZ, 4, 0);
-
-       /* skip assoc data */
-       SEQFIFOSTORE(p, SKIP, 0, 0, VLF);
-
        /* cryptlen = seqinlen - assoclen */
        MATHB(p, SEQINSZ, SUB, MATH3, VSEQOUTSZ, 4, 0);
 
@@ -756,11 +751,6 @@ cnstr_shdsc_gcm_decap(uint32_t *descbuf, bool ps, bool swap,
        MATHB(p, ZERO, ADD, MATH3, VSEQINSZ, 4, 0);
        pzeroassocjump1 = JUMP(p, zeroassocjump1, LOCAL_JUMP, ALL_TRUE, MATH_Z);
 
-       MATHB(p, ZERO, ADD, MATH3, VSEQOUTSZ, 4, 0);
-
-       /* skip assoc data */
-       SEQFIFOSTORE(p, SKIP, 0, 0, VLF);
-
        /* read assoc data */
        SEQFIFOLOAD(p, AAD1, 0, CLASS1 | VLF | FLUSH1);
 
index 27a9226..3c7c4fa 100644 (file)
@@ -1180,10 +1180,9 @@ build_cipher_auth_gcm_sg(struct rte_crypto_op *op, dpaa_sec_session *ses)
        out_sg = &cf->sg[0];
        out_sg->extension = 1;
        if (is_encode(ses))
-               out_sg->length = sym->aead.data.length + ses->auth_only_len
-                                               + ses->digest_length;
+               out_sg->length = sym->aead.data.length + ses->digest_length;
        else
-               out_sg->length = sym->aead.data.length + ses->auth_only_len;
+               out_sg->length = sym->aead.data.length;
 
        /* output sg entries */
        sg = &cf->sg[2];
@@ -1192,9 +1191,8 @@ build_cipher_auth_gcm_sg(struct rte_crypto_op *op, dpaa_sec_session *ses)
 
        /* 1st seg */
        qm_sg_entry_set64(sg, rte_pktmbuf_mtophys(mbuf));
-       sg->length = mbuf->data_len - sym->aead.data.offset +
-                                       ses->auth_only_len;
-       sg->offset = sym->aead.data.offset - ses->auth_only_len;
+       sg->length = mbuf->data_len - sym->aead.data.offset;
+       sg->offset = sym->aead.data.offset;
 
        /* Successive segs */
        mbuf = mbuf->next;
@@ -1367,8 +1365,8 @@ build_cipher_auth_gcm(struct rte_crypto_op *op, dpaa_sec_session *ses)
        sg++;
        qm_sg_entry_set64(&cf->sg[0], dpaa_mem_vtop(sg));
        qm_sg_entry_set64(sg,
-               dst_start_addr + sym->aead.data.offset - ses->auth_only_len);
-       sg->length = sym->aead.data.length + ses->auth_only_len;
+               dst_start_addr + sym->aead.data.offset);
+       sg->length = sym->aead.data.length;
        length = sg->length;
        if (is_encode(ses)) {
                cpu_to_hw_sg(sg);