Details

Reviewers

erj
kgalazka
kbowling
adrian
markj

Group Reviewers

manpages

Commits

rG5c78efa63b44: qat: fix typos and formatting issues
rGef360183df81: qat: update API files to use SPDX identifier
rGa66d631a385e: qat: refactor error handling and add mutex locks
rGcabd847e400f: qat: driver updates to improve code and fix bugs
rG84af3e5b2f67: qat: move debugfs handling to separate file
rG9c5211114872: qat: reimplement cpaCyGetXXXInstances as a wrapper
rGef712e91a866: qat: restrict sysctl access to privileged users
rG82172ed4c98c: qat: add disable safe dc mode for QAT SPR devices
rG25f09d4a9c35: qat: fix typos and formatting issues
rG2542189532b3: qat: update API files to use SPDX identifier
rGae1dc27639c8: qat: refactor error handling and add mutex locks
rGded037e65e52: qat: driver updates to improve code and fix bugs
rGe745eee59c82: qat: reimplement cpaCyGetXXXInstances as a wrapper
rGc38bafee7e18: qat: move debugfs handling to separate file
rG8aa51e6d7de0: qat: restrict sysctl access to privileged users
rG4da5c15e5c84: qat: update 4xxx capabilities handling
rG5a8e5215cef0: qat: add disable safe dc mode for QAT SPR devices

Summary

Intel(R) QuickAssist Technology (Intel(R) QAT) provides hardware
acceleration for offloading security, authentication and compression
services from the CPU, thus significantly increasing the performance
and efficiency of standard platform solutions.

This review introduces:

Fixing typos and formatting issues
Addition of disable safe dc mode for QAT SPR devices
Update 4xxx capabilities handling
Moving debugfs handling to separate file
Restrict sysctl access to privileged users
Reimplement cpaCyGetXXXInstances as a wrapper
Driver updates to improve code and fix bugs
Refactor error handling and addition of mutex locks
Update API files to use SPDX identifier

Some background on our QAT FreeBSD code base. This review includes typo/grammar/format changes (in addition to features/bug fixes) made by our Linux/Windows team. They release this code and also go through community reviews. Our QAT FreeBSD team shares this same code base and at a later time, release this code to FreeBSD. While there is some FreeBSD specific code, we try to keep this to a minimum (based on OS differences). As we lag the Linux/Windows releases, our release strategy is to try and influence changes made by those teams before we inherit the code. Otherwise our QAT FreeBSD code would diverge more and more over time and be very difficult for us to maintain. That said, we do immediately fix critical/security issues found.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes

imp added inline comments.May 20 2025, 8:39 PM

sys/modules/qat/qat/Makefile
27	Please use ">>" in case we ever add more of these.

hareshx.sankar.raj_intel.com added inline comments.May 22 2025, 1:16 PM

share/man/man4/qat.4
114	Thanks for your feedback. We will update this in the review. Locally checked the change and it is reflecting as desired.
sys/dev/qat/qat_api/common/crypto/sym/include/lac_session.h
40 ↗	(On Diff #155568)	Thanks for the suggestions on grammar and typos. The typos fixes we made currently in this review are done to align with the Linux codebase. The files are shared with Linux/Windows platforms as well and in case we correct here, we will have some additional reworks in the internal repos as well to align the files across platforms. We will plan to consider the suggestions made in a future review.
sys/dev/qat/qat_api/common/crypto/sym/key/lac_sym_key.c
2165 ↗	(On Diff #155568)	Thanks - we will update this in this review and respond here
sys/dev/qat/qat_api/common/include/lac_mem.h
354 ↗	(On Diff #155568)	Our internal verify job has a spellcheck and formatting tool that had identified this and it has been fixed when fixing multiple other typos
sys/dev/qat/qat_common/adf_cfg_device.c
686 ↗	(On Diff #155568)	Thanks - We will update this review correcting it
sys/dev/qat/qat_common/adf_freebsd_dbgfs.c
26 ↗	(On Diff #155568)	Thanks - this EXPORT_SYMBOL_GPL() is not required. We will update this review removing it. The debugfs is a qat specific sysctl entry which will display few config parameters when requested.
sys/dev/qat/qat_hw/qat_4xxx/adf_drv.c
86	We wanted to invoke a custom handler adf_4xxx_sysctl_disable_safe_dc_mode when the sysctl attribute is set and hence SYSCTL_ADD_OID was preferred.
sys/dev/qat/qat_hw/qat_4xxxvf/adf_4xxxvf_hw_data.c
136 ↗	(On Diff #155568)	Yes the capabilities handling logic has been updated and refactored in the code. We are aligning the logic with the Linux drivers.
sys/dev/qat/qat_hw/qat_4xxxvf/adf_drv.c
223 ↗	(On Diff #155568)	Thanks Mark - Agree to this. We will fix in this review.
sys/dev/qat/qat_hw/qat_c4xxx/adf_c4xxx_ras.c
64 ↗	(On Diff #155568)	Thanks for highlighting - There needs a cleanup regarding this function which we will do in a future release. Our current scope did not cover the RAS part. The privilege check was added uniformly for all sysctl functions
sys/modules/qat/qat/Makefile
27	We currently do not have a plan to add more options. The options and file are qat specific. We need this file to be generated freshly. In case we want to add new option we will ensure we append to the file. opt_qat.h: :> ${.TARGET} .if defined(QAT_DISABLE_SAFE_DC_MODE) && ${QAT_DISABLE_SAFE_DC_MODE} == "1" @echo "#define QAT_DISABLE_SAFE_DC_MODE 1" > ${.TARGET} .endif .if defined(QAT_ENABLE_NEW_FEATURE) && ${QAT_ENABLE_NEW_FEATURE} == "1" @echo "#define QAT_ENABLE_NEW_FEATURE 1" >> ${.TARGET} .endif .endif

hareshx.sankar.raj_intel.com attached a referenced file: F117744399: image.png. (Show Details)May 23 2025, 11:22 AM

hareshx.sankar.raj_intel.com added inline comments.May 27 2025, 7:49 AM

sys/dev/qat/qat_api/common/compression/dc_datapath.c
121 ↗	(On Diff #155568)	Thanks. Yes - we identified this as part of coverity scan and fixed it.
sys/dev/qat/qat_api/common/crypto/sym/include/lac_session.h
49 ↗	(On Diff #155568)	Thanks for the suggestion. We will plan this for a future release.
61 ↗	(On Diff #155568)	Thanks for the suggestion. We will plan this for a future release.
sys/dev/qat/qat_api/common/crypto/sym/include/lac_sym.h
12 ↗	(On Diff #155568)	Thanks for the feedback. We understand there are inconsistencies here and in some other portions as well. We will check and plan this for a future release.
18 ↗	(On Diff #155568)	Agree - we will plan to fix this and more typos in a future release.
43 ↗	(On Diff #155568)	Totally agree! We will check the inconsistencies and plan in a future release.
sys/dev/qat/qat_api/common/crypto/sym/include/lac_sym_alg_chain.h
2 ↗	(On Diff #155568)	This was missed in an earlier release and has been corrected now.
sys/dev/qat/qat_api/common/crypto/sym/include/lac_sym_key.h
17 ↗	(On Diff #155568)	Thanks for the suggestion. As mentioned - the files are shared with other platforms as well. And we will plan internally and correct and update in a future release
sys/dev/qat/qat_api/common/crypto/sym/key/lac_sym_key.c
2165 ↗	(On Diff #155568)	We discussed this internally and it looks it is the same code in Linux as well. We also note there can be more places which do this style. Hence, we will check for these occurrences and plan for a future release.
sys/dev/qat/qat_api/common/ctrl/sal_compression.c
1439 ↗	(On Diff #155568)	This was identified as part of our coverity analysis on the code. There can be instances where the code flow can have device as non-NULL - and device structure not properly filled with device name. This could lead to subsequent issues - and hence a device name check here was essential
sys/dev/qat/qat_api/common/ctrl/sal_get_instances.c
342 ↗	(On Diff #155568)	The cpaGetNumInstances API is the one that is exposed outside and recommended for usage with the applications to get the number of instances in general by requesting with the service type. The Lac_GetCyNumInstancesByType() function is only internal wrapper function for the crypto instances. We believe this should not cause issues.
sys/dev/qat/qat_api/common/include/lac_mem.h
484 ↗	(On Diff #155568)	Thanks. Totally agree. The formatting needs correction. We will correct this in a future release.
sys/dev/qat/qat_api/include/cpa.h
1 ↗	(On Diff #155568)	Sure - we will add the SPDX identifier and remove the longer form of license and ensure consistency across files. We will update this review.

edward.f.roache_intel.com added a subscriber: edward.f.roache_intel.com.May 28 2025, 8:12 AM

edward.f.roache_intel.com added inline comments.

sys/dev/qat/qat_api/common/crypto/sym/include/lac_session.h
40 ↗	(On Diff #155568)	Thanks Eric and all for the good feedback on these typos/formatting items. This review is just a first step in us improving these items (as we rebase internally to a later version of the code shared with other teams). Some of the suggestions may already be fixed internally and we will be picking up in future QAT FreeBSD releases. Others that are not, we will be tracking internally and try to influence change in the shared internal code. Bottom line is that I expect this is just the first of several iterations we will be making to improve the quality. Just some background to try and explain why we are not immediately making changes for some of the suggestions.

qat: add disable safe dc mode for QAT SPR devices
qat: update 4xxx capabilities handling
qat: move debugfs handling to separate file
qat: restrict sysctl access to privileged users
qat: reimplement cpaCyGetXXXInstances as a wrapper
qat: driver updates to improve code and fix bugs
qat: refactor error handling and add mutex locks
qat: update API files to use SPDX identifier

Harbormaster completed remote builds in B64547: Diff 156296.May 30 2025, 12:27 PM

Thanks everyone for your feedback.
We have responded and updated the code addressing the review comments.
Request to kindly re-review and share your feedback and approval. Thanks.

share/man/man4/qat.4
114	Changes are updated as suggested in the latest update.
sys/dev/qat/qat_api/include/cpa.h
1 ↗	(On Diff #155568)	The latest version is updated to add SPDX identifier and removing longer form license thereby maintaining consistency
sys/dev/qat/qat_api/include/icp_buffer_desc.h
22 ↗	(On Diff #155568)	Agree - We will feedback this and check in a future release.
sys/dev/qat/qat_api/qat_kernel/src/lac_adf_interface_freebsd.c
291 ↗	(On Diff #155568)	We believe this was corrected to match the functionality - "and atleast one" of the capabilities was required.
sys/dev/qat/qat_common/adf_cfg_device.c
686 ↗	(On Diff #155568)	It has been corrected in the latest update.
sys/dev/qat/qat_common/adf_freebsd_dbgfs.c
26 ↗	(On Diff #155568)	EXPORT_SYMBOL_GPL is not required and hence removed in the latest version
sys/dev/qat/qat_hw/qat_4xxxvf/adf_drv.c
223 ↗	(On Diff #155568)	bus master disable is called in the detach flow as well in the latest revision.
sys/dev/qat/qat_hw/qat_c3xxx/adf_drv.c
207 ↗	(On Diff #155568)	We have updated the code now. The bus master disable is called in the failure scenarios of driver attach.
sys/modules/qat/qat/Makefile
27	We reviewed it again and saw it is okay to append instead of overwrite. The code has been updated to use ">>" append
sys/modules/qat/qat_api/Makefile
84	Thanks. The code has been updated to use ">>" append
sys/modules/qat/qat_common/Makefile
39	Thanks. The code has been updated to use ">>" append
sys/modules/qat/qat_hw/Makefile
35	Thanks. The code has been updated to use ">>" append

Please mail me git-formatted patches and I'll apply them.

This revision is now accepted and ready to land.May 30 2025, 3:33 PM

I'm so sorry sir, due to the 14.3 release I revised the manual as part of an overhaul of all crypto device driver manuals, please rebase the manual page. Or I can do it if you want. Please forgive the disruption.

In D50379#1155539, @ziaee wrote:

I'm so sorry sir, due to the 14.3 release I revised the manual as part of an overhaul of all crypto device driver manuals, please rebase the manual page. Or I can do it if you want. Please forgive the disruption.

Thanks - we will rebase to latest main code to include the qat man page update and have this phabricator review updated as well.
We would submit the git-formatted patches after rebase.

Rebased and brought in qat.4 man page updates.

This revision now requires review to proceed.Jun 4 2025, 4:14 PM

Harbormaster completed remote builds in B64639: Diff 156536.Jun 4 2025, 4:14 PM

In D50379#1157030, @hareshx.sankar.raj_intel.com wrote:

Rebased and brought in qat.4 man page updates.

Hi All - We have rebased and updated the phabricator review to bring in the qat.4 man page updates by the community.
Request your review and approval - so that we can prepare the final git-formatted patches. Thanks.

markj accepted this revision.Jun 4 2025, 4:25 PM

This revision is now accepted and ready to land.Jun 4 2025, 4:25 PM

LGTM from manpages with the following syntax nits which produce compiler complaints. Thank you so much for updating this!

share/man/man4/qat.4
3	Mandoc does not allow leading zeros in dates.
118	The roff(7) language does not allow blank lines, this produces a warning in the linter. You can check for roff errors using the manual compiler's linter: `mandoc -Tlint src/share/man/man4/qat.4`.

ziaee accepted this revision as: manpages.Jun 4 2025, 4:55 PM

In D50379#1157095, @ziaee wrote:

LGTM from manpages with the following syntax nits which produce compiler complaints. Thank you so much for updating this!

Thanks for your feedback - We will ensure to follow the mandoc checks in our further submissions.
We understand this review has been accepted by Mark from reviewers list and also by Manpages group.
Can we proceed to submit the commits as git-formatted patches over mail? and take up the man page formatting nits in a future review?

In D50379#1157103, @hareshx.sankar.raj_intel.com wrote:

In D50379#1157095, @ziaee wrote:

LGTM from manpages with the following syntax nits which produce compiler complaints. Thank you so much for updating this!

Thanks for your feedback - We will ensure to follow the mandoc checks in our further submissions.
We understand this review has been accepted by Mark from reviewers list and also by Manpages group.
Can we proceed to submit the commits as git-formatted patches over mail? and take up the man page formatting nits in a future review?

Yes, that's fine, and I can correct the nits before pushing.

Address minor nit comments on manpage
Add back accidentally removed copyright commit

This revision now requires review to proceed.Jun 4 2025, 6:38 PM

Harbormaster completed remote builds in B64646: Diff 156545.Jun 4 2025, 6:38 PM

hareshx.sankar.raj_intel.com edited the summary of this revision. (Show Details)Jun 4 2025, 6:39 PM

We noticed that we accidentally missed the copyright year commit changes recently during our latest push. Hence the review is updated ensuring the latest changes are brought in.
Apologies for the inconvenience.
On the latest push - we have addressed the nit comments on manpage as well.
We will plan to do a final patch review and validation and submit git formatted patches tomorrow. Thanks.

hareshx.sankar.raj_intel.com added inline comments.Jun 4 2025, 6:50 PM

share/man/man4/qat.4
3	Thanks, We noticed this by running mandoc command run as suggested. mandoc -Tlint share/man/man4/qat.4 mandoc: share/man/man4/qat.4:118:1: WARNING: blank line in fill mode, using .sp mandoc: share/man/man4/qat.4:3:5: STYLE: normalizing date format to: Dd June 2, 2025 We have fixed it in the latest revision.
118	Blank line is removed. Thanks for the knowledge regarding mandoc. We will ensure this to be run as part of any of our future qat man page updates as well.