Add RISC-V RVV SIMD optimization for rte_hash_k16_cmp_eq() in hash libraryRvv hash

.mailmap

@@ -497,6 +497,7 @@ Ganghui Zeng <zengganghui@huawei.com>
 Gao Feng <davidfgao@tencent.com>
 Gaoxiang Liu <liugaoxiang@huawei.com>
 Gargi Sau <gargi.sau@intel.com>
+Garvit Varshney <gvarshney@marvell.com>
 Gary Mussar <gmussar@ciena.com>
 Gaurav Singh <gaurav1086@gmail.com>
 Gautam Dawar <gdawar@solarflare.com>

app/test/test_cryptodev.c

@@ -9717,7 +9717,6 @@ test_pdcp_proto_SGL(int i, int oop,
 	int ret = TEST_SUCCESS;
 	int to_trn = 0;
 	int to_trn_tbl[16];
-	int segs = 1;
 	unsigned int trn_data = 0;
 	struct rte_cryptodev_info dev_info;
 	uint64_t feat_flags;
@@ -9786,14 +9785,14 @@ test_pdcp_proto_SGL(int i, int oop,
 	 */
 
 	while (trn_data < input_vec_len) {
-		++segs;
 		to_trn = (input_vec_len - trn_data < fragsz) ?
 				(input_vec_len - trn_data) : fragsz;
 
 		to_trn_tbl[ecx++] = to_trn;
 
 		buf->next = rte_pktmbuf_alloc(ts_params->mbuf_pool);
 		buf = buf->next;
+		ut_params->ibuf->nb_segs++;
 
 		memset(rte_pktmbuf_mtod(buf, uint8_t *), 0,
 				rte_pktmbuf_tailroom(buf));
@@ -9803,6 +9802,7 @@ test_pdcp_proto_SGL(int i, int oop,
 			buf_oop->next =
 					rte_pktmbuf_alloc(ts_params->mbuf_pool);
 			buf_oop = buf_oop->next;
+			ut_params->obuf->nb_segs++;
 			memset(rte_pktmbuf_mtod(buf_oop, uint8_t *),
 					0, rte_pktmbuf_tailroom(buf_oop));
 			TEST_ASSERT_NOT_NULL(ut_params->obuf, "Output buffer not initialized");
@@ -9817,16 +9817,12 @@ test_pdcp_proto_SGL(int i, int oop,
 		trn_data += to_trn;
 	}
 
-	ut_params->ibuf->nb_segs = segs;
-
-	segs = 1;
 	if (fragsz_oop && oop) {
 		to_trn = 0;
 		ecx = 0;
 
 		trn_data = frag_size_oop;
 		while (trn_data < output_vec_len) {
-			++segs;
 			to_trn =
 				(output_vec_len - trn_data <
 						frag_size_oop) ?
@@ -9838,13 +9834,13 @@ test_pdcp_proto_SGL(int i, int oop,
 			buf_oop->next =
 				rte_pktmbuf_alloc(ts_params->mbuf_pool);
 			buf_oop = buf_oop->next;
+			ut_params->obuf->nb_segs++;
 			memset(rte_pktmbuf_mtod(buf_oop, uint8_t *),
 					0, rte_pktmbuf_tailroom(buf_oop));
 			TEST_ASSERT_NOT_NULL(rte_pktmbuf_append(ut_params->obuf, to_trn), "Failed to append to mbuf");
 
 			trn_data += to_trn;
 		}
-		ut_params->obuf->nb_segs = segs;
 	}
 
 	/* Setup Cipher Parameters */
@@ -15869,7 +15865,6 @@ test_AES_GMAC_authentication_SGL(const struct gmac_test_data *tdata,
 	uint64_t feature_flags;
 	unsigned int trn_data = 0;
 	void *digest_mem = NULL;
-	uint32_t segs = 1;
 	unsigned int to_trn = 0;
 	struct rte_mbuf *buf = NULL;
 	uint8_t *auth_tag, *plaintext;
@@ -15930,12 +15925,12 @@ test_AES_GMAC_authentication_SGL(const struct gmac_test_data *tdata,
 	 */
 
 	while (trn_data < tdata->plaintext.len) {
-		++segs;
 		to_trn = (tdata->plaintext.len - trn_data < fragsz) ?
 				(tdata->plaintext.len - trn_data) : fragsz;
 
 		buf->next = rte_pktmbuf_alloc(ts_params->mbuf_pool);
 		buf = buf->next;
+		ut_params->ibuf->nb_segs++;
 
 		memset(rte_pktmbuf_mtod(buf, uint8_t *), 0,
 				rte_pktmbuf_tailroom(buf));
@@ -15953,7 +15948,6 @@ test_AES_GMAC_authentication_SGL(const struct gmac_test_data *tdata,
 			TEST_ASSERT_NOT_NULL(digest_mem, "Failed to append digest data");
 		}
 	}
-	ut_params->ibuf->nb_segs = segs;
 
 	/*
 	 * Place digest at the end of the last buffer
@@ -17106,7 +17100,6 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
 	int retval;
 	int to_trn = 0;
 	int to_trn_tbl[SGL_MAX_NO];
-	int segs = 1;
 	unsigned int trn_data = 0;
 	uint8_t *plaintext, *ciphertext, *auth_tag;
 	struct rte_cryptodev_info dev_info;
@@ -17231,14 +17224,14 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
 	 */
 
 	while (trn_data < tdata->plaintext.len) {
-		++segs;
 		to_trn = (tdata->plaintext.len - trn_data < fragsz) ?
 				(tdata->plaintext.len - trn_data) : fragsz;
 
 		to_trn_tbl[ecx++] = to_trn;
 
 		buf->next = rte_pktmbuf_alloc(ts_params->mbuf_pool);
 		buf = buf->next;
+		ut_params->ibuf->nb_segs++;
 
 		memset(rte_pktmbuf_mtod(buf, uint8_t *), 0,
 				rte_pktmbuf_tailroom(buf));
@@ -17248,6 +17241,7 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
 			buf_last_oop = buf_oop->next =
 					rte_pktmbuf_alloc(ts_params->mbuf_pool);
 			buf_oop = buf_oop->next;
+			ut_params->obuf->nb_segs++;
 			memset(rte_pktmbuf_mtod(buf_oop, uint8_t *),
 					0, rte_pktmbuf_tailroom(buf_oop));
 			TEST_ASSERT_NOT_NULL(rte_pktmbuf_append(ut_params->obuf, to_trn), "Failed to append to mbuf");
@@ -17277,9 +17271,6 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
 
 	uint64_t digest_phys = 0;
 
-	ut_params->ibuf->nb_segs = segs;
-
-	segs = 1;
 	if (fragsz_oop && oop) {
 		to_trn = 0;
 		ecx = 0;
@@ -17295,7 +17286,6 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
 
 		trn_data = frag_size_oop;
 		while (trn_data < tdata->plaintext.len) {
-			++segs;
 			to_trn =
 				(tdata->plaintext.len - trn_data <
 						frag_size_oop) ?
@@ -17307,6 +17297,7 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
 			buf_last_oop = buf_oop->next =
 					rte_pktmbuf_alloc(ts_params->mbuf_pool);
 			TEST_ASSERT_NOT_NULL(buf_oop->next, "Unexpected end of chain");
+			ut_params->obuf->nb_segs++;
 			buf_oop = buf_oop->next;
 			memset(rte_pktmbuf_mtod(buf_oop, uint8_t *),
 					0, rte_pktmbuf_tailroom(buf_oop));
@@ -17320,8 +17311,6 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata,
 				TEST_ASSERT_NOT_NULL(digest_mem, "Failed to append auth tag");
 			}
 		}
-
-		ut_params->obuf->nb_segs = segs;
 	}
 
 	/*

app/test/test_cryptodev_asym.c

@@ -139,6 +139,7 @@ queue_ops_rsa_sign_verify(void *sess)
 
 	/* Negative test */
 	result_op->asym->rsa.sign.data[0] ^= 0xff;
+	result_op->asym->rsa.sign.length = RTE_DIM(rsa_n);
 	if (rte_cryptodev_enqueue_burst(dev_id, 0, &result_op, 1) != 1) {
 		RTE_LOG(ERR, USER1, "Error sending packet for verify\n");
 		status = TEST_FAILED;

app/test/test_security_inline_proto.c

@@ -542,6 +542,48 @@ init_mempools(unsigned int nb_mbuf)
 	return 0;
 }
 
+static int
+create_ipsec_flow(uint16_t portid, void *ses, uint32_t spi)
+{
+	struct rte_flow_item_esp esp_spec;
+	struct rte_flow_action action[2];
+	struct rte_flow_item pattern[2];
+	struct rte_flow_attr attr = {0};
+	struct rte_flow_error err;
+	struct rte_flow *flow;
+	int ret;
+
+	esp_spec.hdr.spi = rte_cpu_to_be_32(spi);
+
+	pattern[0].type = RTE_FLOW_ITEM_TYPE_ESP;
+	pattern[0].spec = &esp_spec;
+	pattern[0].mask = &rte_flow_item_esp_mask;
+	pattern[0].last = NULL;
+	pattern[1].type = RTE_FLOW_ITEM_TYPE_END;
+
+	action[0].type = RTE_FLOW_ACTION_TYPE_SECURITY;
+	action[0].conf = ses;
+	action[1].type = RTE_FLOW_ACTION_TYPE_END;
+	action[1].conf = NULL;
+
+	attr.ingress = 1;
+
+	ret = rte_flow_validate(portid, &attr, pattern, action, &err);
+	if (ret) {
+		printf("\nValidate ESP flow failed, ret = %d\n", ret);
+		return -1;
+	}
+	flow = rte_flow_create(portid, &attr, pattern, action, &err);
+	if (flow == NULL) {
+		printf("\nESP flow rule create failed\n");
+		return -1;
+	}
+
+	default_flow[portid] = flow;
+
+	return 0;
+}
+
 static int
 create_default_flow(uint16_t portid)
 {
@@ -1373,7 +1415,15 @@ test_ipsec_inline_proto_process(struct ipsec_test_data *td,
 	}
 
 	if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) {
-		ret = create_default_flow(port_id);
+		if (flags->inb_oop) {
+			ret = create_ipsec_flow(port_id, ses, td->ipsec_xform.spi);
+			if (ret) {
+				/* Check with default flow rule */
+				printf("\nFailed to create ESP flow, try with default flow");
+				ret = create_default_flow(port_id);
+			}
+		} else
+			ret = create_default_flow(port_id);
 		if (ret)
 			goto out;
 	}

config/rte_config.h

@@ -72,7 +72,7 @@
 #define RTE_MAX_MULTI_HOST_CTRLS 4
 
 /* cryptodev defines */
-#define RTE_CRYPTO_MAX_DEVS 64
+#define RTE_CRYPTO_MAX_DEVS 128
 #define RTE_CRYPTODEV_NAME_LEN 64
 #define RTE_CRYPTO_CALLBACKS 1
 

doc/guides/cryptodevs/features/openssl.ini

@@ -24,6 +24,8 @@ AES CBC (256)  = Y
 AES CTR (128)  = Y
 AES CTR (192)  = Y
 AES CTR (256)  = Y
+AES XTS (128)  = Y
+AES XTS (256)  = Y
 3DES CBC       = Y
 3DES CTR       = Y
 DES DOCSIS BPI = Y
@@ -43,6 +45,8 @@ SHA384       = Y
 SHA384 HMAC  = Y
 SHA512       = Y
 SHA512 HMAC  = Y
+SHAKE_128    = Y
+SHAKE_256    = Y
 AES GMAC     = Y
 
 ;

doc/guides/cryptodevs/openssl.rst

@@ -22,6 +22,7 @@ Supported cipher algorithms:
 * ``RTE_CRYPTO_CIPHER_3DES_CBC``
 * ``RTE_CRYPTO_CIPHER_AES_CBC``
 * ``RTE_CRYPTO_CIPHER_AES_CTR``
+* ``RTE_CRYPTO_CIPHER_AES_XTS``
 * ``RTE_CRYPTO_CIPHER_3DES_CTR``
 * ``RTE_CRYPTO_CIPHER_DES_DOCSISBPI``
 
@@ -40,6 +41,8 @@ Supported authentication algorithms:
 * ``RTE_CRYPTO_AUTH_SHA256_HMAC``
 * ``RTE_CRYPTO_AUTH_SHA384_HMAC``
 * ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHAKE_128``
+* ``RTE_CRYPTO_AUTH_SHAKE_256``
 
 Supported AEAD algorithms:
 

doc/guides/cryptodevs/qat.rst

@@ -501,6 +501,32 @@ If you are running on a kernel which includes a driver for your device, see
    The actual crypto services enabled on the system depend
    on QAT driver capabilities and hardware slice configuration.
 
+.. note::
+
+   With the introduction of QAT Generation 4,
+   the in-tree drivers are available within the mainline Linux kernel.
+   Out-of-tree (OOT) drivers for QAT Gen 4 are currently in sustaining mode,
+   meaning they will only receive maintenance updates without new feature development.
+   Future generations of QAT will be supported with in-tree drivers exclusively.
+
+.. note::
+
+   For **in-tree drivers**, when multiple QAT instances are available,
+   each instance is assigned a different crypto service by default (asym;sym or dc).
+   The available crypto queue pair request will return zero
+   if the corresponding service is not enabled.
+
+   To verify the device configuration, run::
+
+      cat /sys/bus/pci/devices/<BDF>/qat/cfg_services
+
+   For symmetric and asymmetric crypto services, ensure that `"asym;sym"` are enabled.
+
+   For **out-of-tree drivers**, the configuration file for each instance can be found at::
+
+      /etc/<GEN>_dev<ID>.conf
+
+
 Installation using kernel.org driver
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

doc/guides/nics/index.rst

@@ -60,10 +60,11 @@ Network Interface Controller Drivers
     null
     octeon_ep
     octeontx
-    pcap_ring
+    pcap
     pfe
     qede
     r8169
+    ring
     rnp
     sfc_efx
     softnic