Yes, looks good to me.

You probably don't need these zeroes. The API contract is that OCF allocates a zeroed qat_dsession object before it invokes the crypto_newsession callback (so it's also true that the crypto_get_driver_session() call above should never return NULL, as if OCF failed to allocate the qat_dsession object, it would return an error to the caller without invoking the crypto_newsession callback). crypto_get_driver_session() is just returning the pre-allocated qat_dsession object, not allocating it.

Is there any reason not to expose AES-CCM support?

Better to use M_NOWAIT here.

Shouldn't this check happen under the cyInstMtx lock?

I don't think it's a good idea to print this. If it happens frequently it'll spam the console.

I doubt it's a good idea to print this message unconditionally. It could in principle be triggered by some remote host.

Need to set crp->crp_etype and call crypto_done() before returning an error here.

What's the point of this tricky double-checking? We will acquire this mutex in qat_ocf_cookie_alloc() anyway.

This is supposed to be an errno value, but the function will return something from an internal error namespace.

Support for CCM will be covered in further releases.

Changed as suggested, please let me know if I can mark this comment as "done"

Agree, changed as suggested, please let me know if I can mark this comment as "done"

qat_ocf_process method has been refactored to handle session initialization or update in the same critical zone as placing request on HW queues. Please let me know if I can mark this comment as "done"

Comment addressed. Please let me know if I can mark this comment as "done"

Comment addressed. Please let me know if I can mark this comment as "done".

Comment addressed. Please let me know if I can mark this comment as "done"

qat_ocf_process method has been refactored to handle session initialization or update in the same critical zone as placing request on HW queues and this "double-checking" code to acquire mutex has been removed. Please let me know if I can mark this comment as "done"

Comment addressed. Please let me know if I can mark this comment as "done"

qat_dsession here will never be NULL, and I'm fairly certain qatInstance will never be NULL. For the latter you could use a KASSERT to check in debug kernels.

This will never be NULL, so this check is not needed.

This can also never be NULL. qat_instance is a pointer to a member of an array of objects, not a member of an array of pointers.

If this is never expected to be NULL then it would be better to test it as an assertion instead, e.g.

KASSERT(qat_instance->cyInstHandle != NULL, ("%s: no crypto instance available", __func__));

Sure, though you can remove the NULL check as it will never be NULL here.

This can never be NULL.

I believe qat_instance can never be NULL here as freesession is only called if the newsession hook returns success, and the newsession hook above always sets qatInstance to a non-NULL value.

This should never be NULL.

M_WAITOK malloc calls never fail, so this will never be NULL.

qat_softc is never NULL. (The caller already checks for non-NULL, though as noted in the caller below it's never non-NULL there either.)

Always non-NULL.

I believe you don't need this memset. The API from new-bus is that your softc is guaranteed to be zeroed at the start of your attach routine.

qat_softc will always be non-NULL here.

Also always non-NULL.

This does not seem used?

You will want to update this for recent changes in HEAD to remove qat_ocf_devclass and no longer pass it to this macro.

There are many instances of this in the common code too.

NULL check removed

NULL check removed

NULL check removed

NULL check removed

NULL check removed

NULL check removed

NULL check removed

NULL check removed

All NULL checks in common code removed

NULL check removed

NULL check removed

memset removed

NULL check removed

NULL check removed

Removed from all files

DRIVER_MODULE* macros usage fixed in all files

Date updated

I'm confused by this setting. Crypto requests have a crp_digest_start field in the request structure which specifies the buffer offset at which the digest is to be written or read from. However, the driver doesn't use it anywhere. For most transforms this is fine; each cookie has a contiguous buffer for the digest. But for GCM, this buffer is unused. So where does the digest get written, and how does the computed digest get written to the right offset into the crypto buffer?

In the old QAT driver the firmware didn't validate digests, it would just generate them and the driver would perform a comparison. symDpCallback() copies this logic from the old driver, but the behaviour is different for GCM, and it appears to cause memory corruption in some cases.

You are right - digestIsAppended flag assumes that MAC is placed right after payload
in the source buffer (FW limitation). In such case crp_digest_start is not taken into account
what could potentially cause memory corruption. To use HW MAC validation feature
and reflect crp_digest_start, we would have to copy provided MAC to HW buffer before
sending the request. However it could introduce additional complexity level due to the
fact - that OCF can specify the effective MAC length to be validate (csp_auth_mlen).
HW MAC validation feature doesn't provide possibility to set effective MAC length to validate - that's why we would have to handle request without and with csp_auth_mlen set in the different ways. To make it simple, we would suggest to treat AEAD and ETA in the same way - with MAC validation in the callback.

At this moment we do have HW MAC validation forced for GCM and CCM scenarios in the driver code. Removing this limitation seems to be not impacting however full testing cycle is required. Let us keep you posted and let us know if it's potentially acceptable approach.

I think that's acceptable. The old driver did verification in software for all cipher modes.

If you can provide a quick patch, just for testing, I'd be happy to verify that it fixes the problem that I see.

For CCM you need the value of csp_auth_mlen to know how to compute the tag since the length is one of the values in block 0 of the MAC for CCM. However, you can choose to just reject sessions with an unsupported csp_auth_mlen value in your probesesssion hook. For example, you could just fail the probe of GCM sessions whose auth_mlen isn't 12. Then you can assume for GCM that you always have a full tag. Similarly for CCM you should reject sessions if they use an unsupported auth_mlen value.