diff options
Diffstat (limited to 'common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-17-20-crypto-ccp-support-cpu-based-md5-and-sha2-family-authentication-algo.patch')
-rw-r--r-- | common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-17-20-crypto-ccp-support-cpu-based-md5-and-sha2-family-authentication-algo.patch | 626 |
1 files changed, 0 insertions, 626 deletions
diff --git a/common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-17-20-crypto-ccp-support-cpu-based-md5-and-sha2-family-authentication-algo.patch b/common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-17-20-crypto-ccp-support-cpu-based-md5-and-sha2-family-authentication-algo.patch deleted file mode 100644 index c7756b4e..00000000 --- a/common/dpdk/recipes-extended/dpdk/dpdk/dpdk-dev-v4-17-20-crypto-ccp-support-cpu-based-md5-and-sha2-family-authentication-algo.patch +++ /dev/null @@ -1,626 +0,0 @@ -From patchwork Fri Mar 9 08:35:17 2018 -Content-Type: text/plain; charset="utf-8" -MIME-Version: 1.0 -Content-Transfer-Encoding: 7bit -Subject: [dpdk-dev, v4, - 17/20] crypto/ccp: support cpu based md5 and sha2 family - authentication algo -From: Ravi Kumar <ravi1.kumar@amd.com> -X-Patchwork-Id: 35816 -X-Patchwork-Delegate: pablo.de.lara.guarch@intel.com -Message-Id: <1520584520-130522-17-git-send-email-Ravi1.kumar@amd.com> -List-Id: dev.dpdk.org -To: dev@dpdk.org -Cc: pablo.de.lara.guarch@intel.com -Date: Fri, 9 Mar 2018 03:35:17 -0500 - -Signed-off-by: Ravi Kumar <Ravi1.kumar@amd.com> ---- - config/common_base | 1 + - drivers/crypto/ccp/ccp_crypto.c | 282 ++++++++++++++++++++++++++++++++++- - drivers/crypto/ccp/ccp_crypto.h | 5 +- - drivers/crypto/ccp/ccp_pmd_ops.c | 23 +++ - drivers/crypto/ccp/ccp_pmd_private.h | 10 ++ - 5 files changed, 316 insertions(+), 5 deletions(-) - -diff --git a/config/common_base b/config/common_base -index 28237f0..65e34ae 100644 ---- a/config/common_base -+++ b/config/common_base -@@ -532,6 +532,7 @@ CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y - # Compile PMD for AMD CCP crypto device - # - CONFIG_RTE_LIBRTE_PMD_CCP=n -+CONFIG_RTE_LIBRTE_PMD_CCP_CPU_AUTH=n - - # - # Compile PMD for Marvell Crypto device -diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c -index cb63bc6..133db76 100644 ---- a/drivers/crypto/ccp/ccp_crypto.c -+++ b/drivers/crypto/ccp/ccp_crypto.c -@@ -53,6 +53,12 @@ - #include "ccp_pci.h" - #include "ccp_pmd_private.h" - -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+#include <openssl/conf.h> -+#include <openssl/err.h> -+#include <openssl/hmac.h> -+#endif -+ - /* SHA initial context values */ - static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { - SHA1_H4, SHA1_H3, -@@ -786,6 +792,17 @@ ccp_configure_session_auth(struct ccp_session *sess, - else - sess->auth.op = CCP_AUTH_OP_VERIFY; - switch (auth_xform->algo) { -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ case RTE_CRYPTO_AUTH_MD5_HMAC: -+ sess->auth.algo = CCP_AUTH_ALGO_MD5_HMAC; -+ sess->auth.offset = (CCP_SB_BYTES << 1) - MD5_DIGEST_SIZE; -+ sess->auth.key_length = auth_xform->key.length; -+ sess->auth.block_size = MD5_BLOCK_SIZE; -+ memset(sess->auth.key, 0, sess->auth.block_size); -+ rte_memcpy(sess->auth.key, auth_xform->key.data, -+ auth_xform->key.length); -+ break; -+#endif - case RTE_CRYPTO_AUTH_SHA1: - sess->auth.engine = CCP_ENGINE_SHA; - sess->auth.algo = CCP_AUTH_ALGO_SHA1; -@@ -795,6 +812,17 @@ ccp_configure_session_auth(struct ccp_session *sess, - sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; - break; - case RTE_CRYPTO_AUTH_SHA1_HMAC: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ if (auth_xform->key.length > SHA1_BLOCK_SIZE) -+ return -1; -+ sess->auth.algo = CCP_AUTH_ALGO_SHA1_HMAC; -+ sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; -+ sess->auth.block_size = SHA1_BLOCK_SIZE; -+ sess->auth.key_length = auth_xform->key.length; -+ memset(sess->auth.key, 0, sess->auth.block_size); -+ rte_memcpy(sess->auth.key, auth_xform->key.data, -+ auth_xform->key.length); -+#else - if (auth_xform->key.length > SHA1_BLOCK_SIZE) - return -1; - sess->auth.engine = CCP_ENGINE_SHA; -@@ -810,6 +838,7 @@ ccp_configure_session_auth(struct ccp_session *sess, - auth_xform->key.length); - if (generate_partial_hash(sess)) - return -1; -+#endif - break; - case RTE_CRYPTO_AUTH_SHA224: - sess->auth.algo = CCP_AUTH_ALGO_SHA224; -@@ -820,6 +849,17 @@ ccp_configure_session_auth(struct ccp_session *sess, - sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; - break; - case RTE_CRYPTO_AUTH_SHA224_HMAC: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ if (auth_xform->key.length > SHA224_BLOCK_SIZE) -+ return -1; -+ sess->auth.algo = CCP_AUTH_ALGO_SHA224_HMAC; -+ sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; -+ sess->auth.block_size = SHA224_BLOCK_SIZE; -+ sess->auth.key_length = auth_xform->key.length; -+ memset(sess->auth.key, 0, sess->auth.block_size); -+ rte_memcpy(sess->auth.key, auth_xform->key.data, -+ auth_xform->key.length); -+#else - if (auth_xform->key.length > SHA224_BLOCK_SIZE) - return -1; - sess->auth.algo = CCP_AUTH_ALGO_SHA224_HMAC; -@@ -835,6 +875,7 @@ ccp_configure_session_auth(struct ccp_session *sess, - auth_xform->key.length); - if (generate_partial_hash(sess)) - return -1; -+#endif - break; - case RTE_CRYPTO_AUTH_SHA3_224: - sess->auth.algo = CCP_AUTH_ALGO_SHA3_224; -@@ -869,6 +910,17 @@ ccp_configure_session_auth(struct ccp_session *sess, - sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; - break; - case RTE_CRYPTO_AUTH_SHA256_HMAC: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ if (auth_xform->key.length > SHA256_BLOCK_SIZE) -+ return -1; -+ sess->auth.algo = CCP_AUTH_ALGO_SHA256_HMAC; -+ sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; -+ sess->auth.block_size = SHA256_BLOCK_SIZE; -+ sess->auth.key_length = auth_xform->key.length; -+ memset(sess->auth.key, 0, sess->auth.block_size); -+ rte_memcpy(sess->auth.key, auth_xform->key.data, -+ auth_xform->key.length); -+#else - if (auth_xform->key.length > SHA256_BLOCK_SIZE) - return -1; - sess->auth.algo = CCP_AUTH_ALGO_SHA256_HMAC; -@@ -884,6 +936,7 @@ ccp_configure_session_auth(struct ccp_session *sess, - auth_xform->key.length); - if (generate_partial_hash(sess)) - return -1; -+#endif - break; - case RTE_CRYPTO_AUTH_SHA3_256: - sess->auth.algo = CCP_AUTH_ALGO_SHA3_256; -@@ -918,6 +971,17 @@ ccp_configure_session_auth(struct ccp_session *sess, - sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; - break; - case RTE_CRYPTO_AUTH_SHA384_HMAC: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ if (auth_xform->key.length > SHA384_BLOCK_SIZE) -+ return -1; -+ sess->auth.algo = CCP_AUTH_ALGO_SHA384_HMAC; -+ sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; -+ sess->auth.block_size = SHA384_BLOCK_SIZE; -+ sess->auth.key_length = auth_xform->key.length; -+ memset(sess->auth.key, 0, sess->auth.block_size); -+ rte_memcpy(sess->auth.key, auth_xform->key.data, -+ auth_xform->key.length); -+#else - if (auth_xform->key.length > SHA384_BLOCK_SIZE) - return -1; - sess->auth.algo = CCP_AUTH_ALGO_SHA384_HMAC; -@@ -933,6 +997,7 @@ ccp_configure_session_auth(struct ccp_session *sess, - auth_xform->key.length); - if (generate_partial_hash(sess)) - return -1; -+#endif - break; - case RTE_CRYPTO_AUTH_SHA3_384: - sess->auth.algo = CCP_AUTH_ALGO_SHA3_384; -@@ -967,6 +1032,17 @@ ccp_configure_session_auth(struct ccp_session *sess, - sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; - break; - case RTE_CRYPTO_AUTH_SHA512_HMAC: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ if (auth_xform->key.length > SHA512_BLOCK_SIZE) -+ return -1; -+ sess->auth.algo = CCP_AUTH_ALGO_SHA512_HMAC; -+ sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; -+ sess->auth.block_size = SHA512_BLOCK_SIZE; -+ sess->auth.key_length = auth_xform->key.length; -+ memset(sess->auth.key, 0, sess->auth.block_size); -+ rte_memcpy(sess->auth.key, auth_xform->key.data, -+ auth_xform->key.length); -+#else - if (auth_xform->key.length > SHA512_BLOCK_SIZE) - return -1; - sess->auth.algo = CCP_AUTH_ALGO_SHA512_HMAC; -@@ -982,6 +1058,7 @@ ccp_configure_session_auth(struct ccp_session *sess, - auth_xform->key.length); - if (generate_partial_hash(sess)) - return -1; -+#endif - break; - case RTE_CRYPTO_AUTH_SHA3_512: - sess->auth.algo = CCP_AUTH_ALGO_SHA3_512; -@@ -1012,7 +1089,7 @@ ccp_configure_session_auth(struct ccp_session *sess, - sess->auth.engine = CCP_ENGINE_AES; - sess->auth.um.aes_mode = CCP_AES_MODE_CMAC; - sess->auth.key_length = auth_xform->key.length; -- /**<padding and hash result*/ -+ /* padding and hash result */ - sess->auth.ctx_len = CCP_SB_BYTES << 1; - sess->auth.offset = AES_BLOCK_SIZE; - sess->auth.block_size = AES_BLOCK_SIZE; -@@ -1208,14 +1285,22 @@ ccp_auth_slot(struct ccp_session *session) - count = 3; - /**< op + lsb passthrough cpy to/from*/ - break; -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ case CCP_AUTH_ALGO_MD5_HMAC: -+ break; -+#endif - case CCP_AUTH_ALGO_SHA1_HMAC: - case CCP_AUTH_ALGO_SHA224_HMAC: - case CCP_AUTH_ALGO_SHA256_HMAC: -+#ifndef RTE_LIBRTE_PMD_CCP_CPU_AUTH - count = 6; -+#endif - break; - case CCP_AUTH_ALGO_SHA384_HMAC: - case CCP_AUTH_ALGO_SHA512_HMAC: -+#ifndef RTE_LIBRTE_PMD_CCP_CPU_AUTH - count = 7; -+#endif - /** - * 1. Load PHash1 = H(k ^ ipad); to LSB - * 2. generate IHash = H(hash on meassage with PHash1 -@@ -1322,6 +1407,122 @@ ccp_compute_slot_count(struct ccp_session *session) - return count; - } - -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+static uint8_t -+algo_select(int sessalgo, -+ const EVP_MD **algo) -+{ -+ int res = 0; -+ -+ switch (sessalgo) { -+ case CCP_AUTH_ALGO_MD5_HMAC: -+ *algo = EVP_md5(); -+ break; -+ case CCP_AUTH_ALGO_SHA1_HMAC: -+ *algo = EVP_sha1(); -+ break; -+ case CCP_AUTH_ALGO_SHA224_HMAC: -+ *algo = EVP_sha224(); -+ break; -+ case CCP_AUTH_ALGO_SHA256_HMAC: -+ *algo = EVP_sha256(); -+ break; -+ case CCP_AUTH_ALGO_SHA384_HMAC: -+ *algo = EVP_sha384(); -+ break; -+ case CCP_AUTH_ALGO_SHA512_HMAC: -+ *algo = EVP_sha512(); -+ break; -+ default: -+ res = -EINVAL; -+ break; -+ } -+ return res; -+} -+ -+static int -+process_cpu_auth_hmac(uint8_t *src, uint8_t *dst, -+ __rte_unused uint8_t *iv, -+ EVP_PKEY *pkey, -+ int srclen, -+ EVP_MD_CTX *ctx, -+ const EVP_MD *algo, -+ uint16_t d_len) -+{ -+ size_t dstlen; -+ unsigned char temp_dst[64]; -+ -+ if (EVP_DigestSignInit(ctx, NULL, algo, NULL, pkey) <= 0) -+ goto process_auth_err; -+ -+ if (EVP_DigestSignUpdate(ctx, (char *)src, srclen) <= 0) -+ goto process_auth_err; -+ -+ if (EVP_DigestSignFinal(ctx, temp_dst, &dstlen) <= 0) -+ goto process_auth_err; -+ -+ memcpy(dst, temp_dst, d_len); -+ return 0; -+process_auth_err: -+ CCP_LOG_ERR("Process cpu auth failed"); -+ return -EINVAL; -+} -+ -+static int cpu_crypto_auth(struct ccp_qp *qp, -+ struct rte_crypto_op *op, -+ struct ccp_session *sess, -+ EVP_MD_CTX *ctx) -+{ -+ uint8_t *src, *dst; -+ int srclen, status; -+ struct rte_mbuf *mbuf_src, *mbuf_dst; -+ const EVP_MD *algo = NULL; -+ EVP_PKEY *pkey; -+ -+ algo_select(sess->auth.algo, &algo); -+ pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sess->auth.key, -+ sess->auth.key_length); -+ mbuf_src = op->sym->m_src; -+ mbuf_dst = op->sym->m_dst ? op->sym->m_dst : op->sym->m_src; -+ srclen = op->sym->auth.data.length; -+ src = rte_pktmbuf_mtod_offset(mbuf_src, uint8_t *, -+ op->sym->auth.data.offset); -+ -+ if (sess->auth.op == CCP_AUTH_OP_VERIFY) { -+ dst = qp->temp_digest; -+ } else { -+ dst = op->sym->auth.digest.data; -+ if (dst == NULL) { -+ dst = rte_pktmbuf_mtod_offset(mbuf_dst, uint8_t *, -+ op->sym->auth.data.offset + -+ sess->auth.digest_length); -+ } -+ } -+ status = process_cpu_auth_hmac(src, dst, NULL, -+ pkey, srclen, -+ ctx, -+ algo, -+ sess->auth.digest_length); -+ if (status) { -+ op->status = RTE_CRYPTO_OP_STATUS_ERROR; -+ return status; -+ } -+ -+ if (sess->auth.op == CCP_AUTH_OP_VERIFY) { -+ if (memcmp(dst, op->sym->auth.digest.data, -+ sess->auth.digest_length) != 0) { -+ op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED; -+ } else { -+ op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; -+ } -+ } else { -+ op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; -+ } -+ EVP_PKEY_free(pkey); -+ return 0; -+} -+#endif -+ - static void - ccp_perform_passthru(struct ccp_passthru *pst, - struct ccp_queue *cmd_q) -@@ -2417,14 +2618,24 @@ ccp_crypto_auth(struct rte_crypto_op *op, - result = ccp_perform_sha(op, cmd_q); - b_info->desccnt += 3; - break; -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ case CCP_AUTH_ALGO_MD5_HMAC: -+ break; -+#endif - case CCP_AUTH_ALGO_SHA1_HMAC: - case CCP_AUTH_ALGO_SHA224_HMAC: - case CCP_AUTH_ALGO_SHA256_HMAC: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ break; -+#endif - result = ccp_perform_hmac(op, cmd_q); - b_info->desccnt += 6; - break; - case CCP_AUTH_ALGO_SHA384_HMAC: - case CCP_AUTH_ALGO_SHA512_HMAC: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ break; -+#endif - result = ccp_perform_hmac(op, cmd_q); - b_info->desccnt += 7; - break; -@@ -2488,7 +2699,7 @@ ccp_crypto_aead(struct rte_crypto_op *op, - } - - int --process_ops_to_enqueue(const struct ccp_qp *qp, -+process_ops_to_enqueue(struct ccp_qp *qp, - struct rte_crypto_op **op, - struct ccp_queue *cmd_q, - uint16_t nb_ops, -@@ -2497,11 +2708,22 @@ process_ops_to_enqueue(const struct ccp_qp *qp, - int i, result = 0; - struct ccp_batch_info *b_info; - struct ccp_session *session; -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ EVP_MD_CTX *auth_ctx = NULL; -+#endif - - if (rte_mempool_get(qp->batch_mp, (void **)&b_info)) { - CCP_LOG_ERR("batch info allocation failed"); - return 0; - } -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ auth_ctx = EVP_MD_CTX_create(); -+ if (unlikely(!auth_ctx)) { -+ CCP_LOG_ERR("Unable to create auth ctx"); -+ return 0; -+ } -+ b_info->auth_ctr = 0; -+#endif - /* populate batch info necessary for dequeue */ - b_info->op_idx = 0; - b_info->lsb_buf_idx = 0; -@@ -2523,6 +2745,11 @@ process_ops_to_enqueue(const struct ccp_qp *qp, - break; - case CCP_CMD_AUTH: - result = ccp_crypto_auth(op[i], cmd_q, b_info); -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ b_info->auth_ctr++; -+ result = cpu_crypto_auth(qp, op[i], -+ session, auth_ctx); -+#endif - break; - case CCP_CMD_CIPHER_HASH: - result = ccp_crypto_cipher(op[i], cmd_q, b_info); -@@ -2532,6 +2759,12 @@ process_ops_to_enqueue(const struct ccp_qp *qp, - break; - case CCP_CMD_HASH_CIPHER: - result = ccp_crypto_auth(op[i], cmd_q, b_info); -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ result = cpu_crypto_auth(qp, op[i], -+ session, auth_ctx); -+ if (op[i]->status != RTE_CRYPTO_OP_STATUS_SUCCESS) -+ continue; -+#endif - if (result) - break; - result = ccp_crypto_cipher(op[i], cmd_q, b_info); -@@ -2565,6 +2798,9 @@ process_ops_to_enqueue(const struct ccp_qp *qp, - - rte_ring_enqueue(qp->processed_pkts, (void *)b_info); - -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ EVP_MD_CTX_destroy(auth_ctx); -+#endif - return i; - } - -@@ -2633,13 +2869,27 @@ static inline void ccp_auth_dq_prepare(struct rte_crypto_op *op) - } - - static int --ccp_prepare_ops(struct rte_crypto_op **op_d, -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ccp_prepare_ops(struct ccp_qp *qp, -+#else -+ccp_prepare_ops(struct ccp_qp *qp __rte_unused, -+#endif -+ struct rte_crypto_op **op_d, - struct ccp_batch_info *b_info, - uint16_t nb_ops) - { - int i, min_ops; - struct ccp_session *session; - -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ EVP_MD_CTX *auth_ctx = NULL; -+ -+ auth_ctx = EVP_MD_CTX_create(); -+ if (unlikely(!auth_ctx)) { -+ CCP_LOG_ERR("Unable to create auth ctx"); -+ return 0; -+ } -+#endif - min_ops = RTE_MIN(nb_ops, b_info->opcnt); - - for (i = 0; i < min_ops; i++) { -@@ -2652,8 +2902,25 @@ ccp_prepare_ops(struct rte_crypto_op **op_d, - op_d[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS; - break; - case CCP_CMD_AUTH: -+#ifndef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ ccp_auth_dq_prepare(op_d[i]); -+#endif -+ break; - case CCP_CMD_CIPHER_HASH: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ cpu_crypto_auth(qp, op_d[i], -+ session, auth_ctx); -+#else -+ ccp_auth_dq_prepare(op_d[i]); -+#endif -+ break; - case CCP_CMD_HASH_CIPHER: -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ op_d[i]->status = RTE_CRYPTO_OP_STATUS_SUCCESS; -+#else -+ ccp_auth_dq_prepare(op_d[i]); -+#endif -+ break; - case CCP_CMD_COMBINED: - ccp_auth_dq_prepare(op_d[i]); - break; -@@ -2662,6 +2929,9 @@ ccp_prepare_ops(struct rte_crypto_op **op_d, - } - } - -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ EVP_MD_CTX_destroy(auth_ctx); -+#endif - b_info->opcnt -= min_ops; - return min_ops; - } -@@ -2681,6 +2951,10 @@ process_ops_to_dequeue(struct ccp_qp *qp, - } else if (rte_ring_dequeue(qp->processed_pkts, - (void **)&b_info)) - return 0; -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ if (b_info->auth_ctr == b_info->opcnt) -+ goto success; -+#endif - cur_head_offset = CCP_READ_REG(b_info->cmd_q->reg_base, - CMD_Q_HEAD_LO_BASE); - -@@ -2700,7 +2974,7 @@ process_ops_to_dequeue(struct ccp_qp *qp, - - - success: -- nb_ops = ccp_prepare_ops(op, b_info, nb_ops); -+ nb_ops = ccp_prepare_ops(qp, op, b_info, nb_ops); - rte_atomic64_add(&b_info->cmd_q->free_slots, b_info->desccnt); - b_info->desccnt = 0; - if (b_info->opcnt > 0) { -diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h -index 8459b71..f526329 100644 ---- a/drivers/crypto/ccp/ccp_crypto.h -+++ b/drivers/crypto/ccp/ccp_crypto.h -@@ -94,6 +94,9 @@ - #define SHA512_BLOCK_SIZE 128 - #define SHA3_512_BLOCK_SIZE 72 - -+/* Maximum length for digest */ -+#define DIGEST_LENGTH_MAX 64 -+ - /* SHA LSB intialiazation values */ - - #define SHA1_H0 0x67452301UL -@@ -372,7 +375,7 @@ int ccp_compute_slot_count(struct ccp_session *session); - * @param nb_ops No. of ops to be submitted - * @return 0 on success otherwise -1 - */ --int process_ops_to_enqueue(const struct ccp_qp *qp, -+int process_ops_to_enqueue(struct ccp_qp *qp, - struct rte_crypto_op **op, - struct ccp_queue *cmd_q, - uint16_t nb_ops, -diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c -index bb59d15..1b67070 100644 ---- a/drivers/crypto/ccp/ccp_pmd_ops.c -+++ b/drivers/crypto/ccp/ccp_pmd_ops.c -@@ -39,6 +39,29 @@ - #include "ccp_crypto.h" - - static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ { /* MD5 HMAC */ -+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, -+ {.sym = { -+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, -+ {.auth = { -+ .algo = RTE_CRYPTO_AUTH_MD5_HMAC, -+ .block_size = 64, -+ .key_size = { -+ .min = 1, -+ .max = 64, -+ .increment = 1 -+ }, -+ .digest_size = { -+ .min = 16, -+ .max = 16, -+ .increment = 0 -+ }, -+ .aad_size = { 0 } -+ }, } -+ }, } -+ }, -+#endif - { /* SHA1 */ - .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, - {.sym = { -diff --git a/drivers/crypto/ccp/ccp_pmd_private.h b/drivers/crypto/ccp/ccp_pmd_private.h -index d278a8c..cd9f6ae 100644 ---- a/drivers/crypto/ccp/ccp_pmd_private.h -+++ b/drivers/crypto/ccp/ccp_pmd_private.h -@@ -32,6 +32,7 @@ - #define _CCP_PMD_PRIVATE_H_ - - #include <rte_cryptodev.h> -+#include "ccp_crypto.h" - - #define CRYPTODEV_NAME_CCP_PMD crypto_ccp - -@@ -87,6 +88,10 @@ struct ccp_batch_info { - phys_addr_t lsb_buf_phys; - /**< LSB intermediate buf for passthru */ - int lsb_buf_idx; -+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH -+ uint16_t auth_ctr; -+ /**< auth only ops batch */ -+#endif - } __rte_cache_aligned; - - /**< CCP crypto queue pair */ -@@ -107,6 +112,11 @@ struct ccp_qp { - /**< Store ops pulled out of queue */ - struct rte_cryptodev *dev; - /**< rte crypto device to which this qp belongs */ -+ uint8_t temp_digest[DIGEST_LENGTH_MAX]; -+ /**< Buffer used to store the digest generated -+ * by the driver when verifying a digest provided -+ * by the user (using authentication verify operation) -+ */ - } __rte_cache_aligned; - - |