From: Arek Kusztal Date: Thu, 7 May 2020 10:57:03 +0000 (+0200) Subject: cryptodev: fix ABI compatibility for ChaCha20-Poly1305 X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=a0f0de06d457753c94688d551a6e8659b4d4e041;p=dpdk.git cryptodev: fix ABI compatibility for ChaCha20-Poly1305 This patch adds versioned function rte_cryptodev_info_get() to prevent some issues with ABI policy. Node v21 works in same way as before, returning driver capabilities directly to the API caller. These capabilities may include new elements not part of the v20 ABI. Node v20 function maintains compatibility with v20 ABI releases by stripping out elements not supported in v20 ABI. Because rte_cryptodev_info_get is called by other API functions, rte_cryptodev_sym_capability_get function is versioned the same way. Fixes: b922dbd38ced ("cryptodev: add ChaCha20-Poly1305 AEAD algorithm") Signed-off-by: Arek Kusztal Acked-by: Ray Kinsella Acked-by: Fiona Trahe Acked-by: Akhil Goyal --- diff --git a/devtools/libabigail.abignore b/devtools/libabigail.abignore index 587dce16b8..c9ee73cb3c 100644 --- a/devtools/libabigail.abignore +++ b/devtools/libabigail.abignore @@ -40,3 +40,11 @@ type_kind = enum name = rte_cpu_flag_t changed_enumerators = RTE_CPUFLAG_NUMFLAGS +; Ignore Cryptodev AEAD xform enum and AEAD xform strings change +; due to addition of Chacha20-Poly1305 +[suppress_type] + type_kind = enum + name = rte_crypto_aead_algorithm + changed_enumerators = RTE_CRYPTO_AEAD_LIST_END +[suppress_variable] + name = rte_crypto_aead_algorithm_strings diff --git a/lib/librte_cryptodev/meson.build b/lib/librte_cryptodev/meson.build index c4c6b3b6a2..df1144058b 100644 --- a/lib/librte_cryptodev/meson.build +++ b/lib/librte_cryptodev/meson.build @@ -1,6 +1,7 @@ # SPDX-License-Identifier: BSD-3-Clause # Copyright(c) 2017-2019 Intel Corporation +use_function_versioning = true sources = files('rte_cryptodev.c', 'rte_cryptodev_pmd.c', 'cryptodev_trace_points.c') headers = files('rte_cryptodev.h', 'rte_cryptodev_pmd.h', diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c index 2ce606af85..e37b83afd2 100644 --- a/lib/librte_cryptodev/rte_cryptodev.c +++ b/lib/librte_cryptodev/rte_cryptodev.c @@ -36,6 +36,8 @@ #include #include #include +#include +#include #include "rte_crypto.h" #include "rte_cryptodev.h" @@ -57,6 +59,14 @@ static struct rte_cryptodev_global cryptodev_globals = { /* spinlock for crypto device callbacks */ static rte_spinlock_t rte_cryptodev_cb_lock = RTE_SPINLOCK_INITIALIZER; +static const struct rte_cryptodev_capabilities + cryptodev_undefined_capabilities[] = { + RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() +}; + +static struct rte_cryptodev_capabilities + *capability_copy[RTE_CRYPTO_MAX_DEVS]; +static uint8_t is_capability_checked[RTE_CRYPTO_MAX_DEVS]; /** * The user application callback description. @@ -281,15 +291,15 @@ rte_crypto_auth_operation_strings[] = { [RTE_CRYPTO_AUTH_OP_GENERATE] = "generate" }; -const struct rte_cryptodev_symmetric_capability * -rte_cryptodev_sym_capability_get(uint8_t dev_id, +const struct rte_cryptodev_symmetric_capability __vsym * +rte_cryptodev_sym_capability_get_v20(uint8_t dev_id, const struct rte_cryptodev_sym_capability_idx *idx) { const struct rte_cryptodev_capabilities *capability; struct rte_cryptodev_info dev_info; int i = 0; - rte_cryptodev_info_get(dev_id, &dev_info); + rte_cryptodev_info_get_v20(dev_id, &dev_info); while ((capability = &dev_info.capabilities[i++])->op != RTE_CRYPTO_OP_TYPE_UNDEFINED) { @@ -313,8 +323,47 @@ rte_cryptodev_sym_capability_get(uint8_t dev_id, } return NULL; +} +VERSION_SYMBOL(rte_cryptodev_sym_capability_get, _v20, 20.0); + +const struct rte_cryptodev_symmetric_capability __vsym * +rte_cryptodev_sym_capability_get_v21(uint8_t dev_id, + const struct rte_cryptodev_sym_capability_idx *idx) +{ + const struct rte_cryptodev_capabilities *capability; + struct rte_cryptodev_info dev_info; + int i = 0; + + rte_cryptodev_info_get(dev_id, &dev_info); + + while ((capability = &dev_info.capabilities[i++])->op != + RTE_CRYPTO_OP_TYPE_UNDEFINED) { + if (capability->op != RTE_CRYPTO_OP_TYPE_SYMMETRIC) + continue; + if (capability->sym.xform_type != idx->type) + continue; + + if (idx->type == RTE_CRYPTO_SYM_XFORM_AUTH && + capability->sym.auth.algo == idx->algo.auth) + return &capability->sym; + + if (idx->type == RTE_CRYPTO_SYM_XFORM_CIPHER && + capability->sym.cipher.algo == idx->algo.cipher) + return &capability->sym; + + if (idx->type == RTE_CRYPTO_SYM_XFORM_AEAD && + capability->sym.aead.algo == idx->algo.aead) + return &capability->sym; + } + + return NULL; } +MAP_STATIC_SYMBOL(const struct rte_cryptodev_symmetric_capability * + rte_cryptodev_sym_capability_get(uint8_t dev_id, + const struct rte_cryptodev_sym_capability_idx *idx), + rte_cryptodev_sym_capability_get_v21); +BIND_DEFAULT_SYMBOL(rte_cryptodev_sym_capability_get, _v21, 21); static int param_range_check(uint16_t size, const struct rte_crypto_param_range *range) @@ -1018,6 +1067,12 @@ rte_cryptodev_close(uint8_t dev_id) retval = (*dev->dev_ops->dev_close)(dev); rte_cryptodev_trace_close(dev_id, retval); + if (capability_copy[dev_id]) { + free(capability_copy[dev_id]); + capability_copy[dev_id] = NULL; + } + is_capability_checked[dev_id] = 0; + if (retval < 0) return retval; @@ -1131,9 +1186,61 @@ rte_cryptodev_stats_reset(uint8_t dev_id) (*dev->dev_ops->stats_reset)(dev); } +static void +get_v20_capabilities(uint8_t dev_id, struct rte_cryptodev_info *dev_info) +{ + const struct rte_cryptodev_capabilities *capability; + uint8_t found_invalid_capa = 0; + uint8_t counter = 0; + + for (capability = dev_info->capabilities; + capability->op != RTE_CRYPTO_OP_TYPE_UNDEFINED; + ++capability, ++counter) { + if (capability->op == RTE_CRYPTO_OP_TYPE_SYMMETRIC && + capability->sym.xform_type == + RTE_CRYPTO_SYM_XFORM_AEAD + && capability->sym.aead.algo >= + RTE_CRYPTO_AEAD_CHACHA20_POLY1305) { + found_invalid_capa = 1; + counter--; + } + } + is_capability_checked[dev_id] = 1; + if (!found_invalid_capa) + return; + capability_copy[dev_id] = malloc(counter * + sizeof(struct rte_cryptodev_capabilities)); + if (capability_copy[dev_id] == NULL) { + /* + * error case - no memory to store the trimmed + * list, so have to return an empty list + */ + dev_info->capabilities = + cryptodev_undefined_capabilities; + is_capability_checked[dev_id] = 0; + } else { + counter = 0; + for (capability = dev_info->capabilities; + capability->op != + RTE_CRYPTO_OP_TYPE_UNDEFINED; + capability++) { + if (!(capability->op == + RTE_CRYPTO_OP_TYPE_SYMMETRIC + && capability->sym.xform_type == + RTE_CRYPTO_SYM_XFORM_AEAD + && capability->sym.aead.algo >= + RTE_CRYPTO_AEAD_CHACHA20_POLY1305)) { + capability_copy[dev_id][counter++] = + *capability; + } + } + dev_info->capabilities = + capability_copy[dev_id]; + } +} -void -rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info) +void __vsym +rte_cryptodev_info_get_v20(uint8_t dev_id, struct rte_cryptodev_info *dev_info) { struct rte_cryptodev *dev; @@ -1149,10 +1256,40 @@ rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info) RTE_FUNC_PTR_OR_RET(*dev->dev_ops->dev_infos_get); (*dev->dev_ops->dev_infos_get)(dev, dev_info); + if (capability_copy[dev_id] == NULL) { + if (!is_capability_checked[dev_id]) + get_v20_capabilities(dev_id, dev_info); + } else + dev_info->capabilities = capability_copy[dev_id]; + dev_info->driver_name = dev->device->driver->name; dev_info->device = dev->device; } +VERSION_SYMBOL(rte_cryptodev_info_get, _v20, 20.0); +void __vsym +rte_cryptodev_info_get_v21(uint8_t dev_id, struct rte_cryptodev_info *dev_info) +{ + struct rte_cryptodev *dev; + + if (!rte_cryptodev_pmd_is_valid_dev(dev_id)) { + CDEV_LOG_ERR("Invalid dev_id=%d", dev_id); + return; + } + + dev = &rte_crypto_devices[dev_id]; + + memset(dev_info, 0, sizeof(struct rte_cryptodev_info)); + + RTE_FUNC_PTR_OR_RET(*dev->dev_ops->dev_infos_get); + (*dev->dev_ops->dev_infos_get)(dev, dev_info); + + dev_info->driver_name = dev->device->driver->name; + dev_info->device = dev->device; +} +MAP_STATIC_SYMBOL(void rte_cryptodev_info_get(uint8_t dev_id, + struct rte_cryptodev_info *dev_info), rte_cryptodev_info_get_v21); +BIND_DEFAULT_SYMBOL(rte_cryptodev_info_get, _v21, 21); int rte_cryptodev_callback_register(uint8_t dev_id, diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h index 257840ea45..4aaee73308 100644 --- a/lib/librte_cryptodev/rte_cryptodev.h +++ b/lib/librte_cryptodev/rte_cryptodev.h @@ -219,6 +219,14 @@ struct rte_cryptodev_asym_capability_idx { * - Return NULL if the capability not exist. */ const struct rte_cryptodev_symmetric_capability * +rte_cryptodev_sym_capability_get_v20(uint8_t dev_id, + const struct rte_cryptodev_sym_capability_idx *idx); + +const struct rte_cryptodev_symmetric_capability * +rte_cryptodev_sym_capability_get_v21(uint8_t dev_id, + const struct rte_cryptodev_sym_capability_idx *idx); + +const struct rte_cryptodev_symmetric_capability * rte_cryptodev_sym_capability_get(uint8_t dev_id, const struct rte_cryptodev_sym_capability_idx *idx); @@ -764,9 +772,33 @@ rte_cryptodev_stats_reset(uint8_t dev_id); * the last valid element has it's op field set to * RTE_CRYPTO_OP_TYPE_UNDEFINED. */ -extern void + +void rte_cryptodev_info_get(uint8_t dev_id, struct rte_cryptodev_info *dev_info); +/* An extra element RTE_CRYPTO_AEAD_CHACHA20_POLY1305 is added + * to enum rte_crypto_aead_algorithm, also changing the value of + * RTE_CRYPTO_AEAD_LIST_END. To maintain ABI compatibility with applications + * which linked against earlier versions, preventing them, for example, from + * picking up the new value and using it to index into an array sized too small + * for it, it is necessary to have two versions of rte_cryptodev_info_get() + * The latest version just returns directly the capabilities retrieved from + * the device. The compatible version inspects the capabilities retrieved + * from the device, but only returns them directly if the new value + * is not included. If the new value is included, it allocates space + * for a copy of the device capabilities, trims the new value from this + * and returns this copy. It only needs to do this once per device. + * For the corner case of a corner case when the alloc may fail, + * an empty capability list is returned, as there is no mechanism to return + * an error and adding such a mechanism would itself be an ABI breakage. + * The compatible version can be removed after the next major ABI release. + */ + +void +rte_cryptodev_info_get_v20(uint8_t dev_id, struct rte_cryptodev_info *dev_info); + +void +rte_cryptodev_info_get_v21(uint8_t dev_id, struct rte_cryptodev_info *dev_info); /** * Register a callback function for specific device id. diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map b/lib/librte_cryptodev/rte_cryptodev_version.map index 87f5cd175e..07a2d2f020 100644 --- a/lib/librte_cryptodev/rte_cryptodev_version.map +++ b/lib/librte_cryptodev/rte_cryptodev_version.map @@ -58,6 +58,13 @@ DPDK_20.0 { local: *; }; +DPDK_21 { + global: + rte_cryptodev_info_get; + rte_cryptodev_sym_capability_get; +} DPDK_20.0; + + EXPERIMENTAL { global: