D50379.diff
No OneTemporary
Actions

Size

10 KB

Referenced Files

None

Subscribers

None

D50379.diff
View Options

	diff --git a/share/man/man4/qat.4 b/share/man/man4/qat.4
	--- a/share/man/man4/qat.4
	+++ b/share/man/man4/qat.4
	@@ -1,6 +1,6 @@
	.\" SPDX-License-Identifier: BSD-3-Clause
	-.\" Copyright(c) 2007-2022 Intel Corporation
	-.Dd May 16, 2025
	+.\" Copyright(c) 2007-2025 Intel Corporation
	+.Dd June 2, 2025
	.Dt QAT 4
	.Os
	.Sh NAME
	@@ -108,6 +108,13 @@
	Override the number of uio user space processes
	that can connect to the QAT device.
	Default: 2
	+.It Va dev.qat.X.disable_safe_dc_mode
	+Override history buffer mitigation.
	+Disabled by default.
	+If enabled, decompression throughput increases but may result in a data leak if
	+.Va dev.qat.X.num_user_processes
	+is more than 1.
	+Enable this option only if your system is not prone to user data leaks.
	.El
	.Pp
	The following
	diff --git a/sys/conf/NOTES b/sys/conf/NOTES
	--- a/sys/conf/NOTES
	+++ b/sys/conf/NOTES
	@@ -2869,3 +2869,6 @@

	# File system monitoring
	device filemon # file monitoring for make(1) meta-mode
	+
	+# Options for the Intel QuickAssist (QAT) driver.
	+options QAT_DISABLE_SAFE_DC_MODE # Disable QAT safe data compression mode (only for 4940 devices).
	diff --git a/sys/conf/options b/sys/conf/options
	--- a/sys/conf/options
	+++ b/sys/conf/options
	@@ -1014,3 +1014,6 @@
	# This option is insecure except in controlled environments where the static
	# environment's contents are known to be safe.
	PRESERVE_EARLY_KENV opt_global.h
	+
	+# Options for the Intel QuickAssist (QAT) driver.
	+QAT_DISABLE_SAFE_DC_MODE opt_qat.h
	diff --git a/sys/contrib/dev/qat/qat_4xxx.bin b/sys/contrib/dev/qat/qat_4xxx.bin
	index 0000000000000000000000000000000000000000..0000000000000000000000000000000000000000
	GIT binary patch
	literal 0
	Hc$@<O00001

	literal 0
	Hc$@<O00001

	diff --git a/sys/dev/qat/include/common/adf_accel_devices.h b/sys/dev/qat/include/common/adf_accel_devices.h
	--- a/sys/dev/qat/include/common/adf_accel_devices.h
	+++ b/sys/dev/qat/include/common/adf_accel_devices.h
	@@ -1,5 +1,5 @@
	/* SPDX-License-Identifier: BSD-3-Clause */
	-/* Copyright(c) 2007-2022 Intel Corporation */
	+/* Copyright(c) 2007-2025 Intel Corporation */
	#ifndef ADF_ACCEL_DEVICES_H_
	#define ADF_ACCEL_DEVICES_H_

	@@ -7,6 +7,8 @@
	#include "adf_cfg_common.h"
	#include "adf_pfvf_msg.h"

	+#include "opt_qat.h"
	+
	#define ADF_CFG_NUM_SERVICES 4

	#define ADF_DH895XCC_DEVICE_NAME "dh895xcc"
	@@ -687,6 +689,10 @@
	struct adf_accel_pci accel_pci_dev;
	struct adf_accel_compat_manager *cm;
	u8 compat_ver;
	+#ifdef QAT_DISABLE_SAFE_DC_MODE
	+ struct sysctl_oid *safe_dc_mode;
	+ u8 disable_safe_dc_mode;
	+#endif /* QAT_DISABLE_SAFE_DC_MODE */
	union {
	struct {
	/* vf_info is non-zero when SR-IOV is init'ed */
	diff --git a/sys/dev/qat/include/icp_qat_fw_init_admin.h b/sys/dev/qat/include/icp_qat_fw_init_admin.h
	--- a/sys/dev/qat/include/icp_qat_fw_init_admin.h
	+++ b/sys/dev/qat/include/icp_qat_fw_init_admin.h
	@@ -1,5 +1,5 @@
	/* SPDX-License-Identifier: BSD-3-Clause */
	-/* Copyright(c) 2007-2022 Intel Corporation */
	+/* Copyright(c) 2007-2025 Intel Corporation */
	#ifndef _ICP_QAT_FW_INIT_ADMIN_H_
	#define _ICP_QAT_FW_INIT_ADMIN_H_

	@@ -43,6 +43,8 @@
	CNV_ERR_TYPE_UNKNOWN_ERROR
	};

	+#define ICP_QAT_FW_INIT_DISABLE_SAFE_DC_MODE_FLAG 0x02
	+
	#define CNV_ERROR_TYPE_GET(latest_error) \
	({ \
	__typeof__(latest_error) _lerror = latest_error; \
	@@ -69,7 +71,8 @@
	struct {
	u64 resrvd2;
	u16 ibuf_size_in_kb;
	- u16 resrvd3;
	+ u8 fw_flags;
	+ u8 resrvd3;
	u32 resrvd4;
	};
	/* ICP_QAT_FW_CONSTANTS_CFG */
	diff --git a/sys/dev/qat/qat_hw/qat_4xxx/adf_4xxx_hw_data.c b/sys/dev/qat/qat_hw/qat_4xxx/adf_4xxx_hw_data.c
	--- a/sys/dev/qat/qat_hw/qat_4xxx/adf_4xxx_hw_data.c
	+++ b/sys/dev/qat/qat_hw/qat_4xxx/adf_4xxx_hw_data.c
	@@ -709,6 +709,10 @@
	memset(&req, 0, sizeof(req));
	memset(&resp, 0, sizeof(resp));
	req.cmd_id = ICP_QAT_FW_INIT_ME;
	+#ifdef QAT_DISABLE_SAFE_DC_MODE
	+ if (accel_dev->disable_safe_dc_mode)
	+ req.fw_flags = ICP_QAT_FW_INIT_DISABLE_SAFE_DC_MODE_FLAG;
	+#endif /* QAT_DISABLE_SAFE_DC_MODE */
	if (adf_send_admin(accel_dev, &req, &resp, ae_mask)) {
	device_printf(GET_DEV(accel_dev),
	"Error sending init message\n");
	diff --git a/sys/dev/qat/qat_hw/qat_4xxx/adf_drv.c b/sys/dev/qat/qat_hw/qat_4xxx/adf_drv.c
	--- a/sys/dev/qat/qat_hw/qat_4xxx/adf_drv.c
	+++ b/sys/dev/qat/qat_hw/qat_4xxx/adf_drv.c
	@@ -47,6 +47,74 @@
	return ENXIO;
	}

	+#ifdef QAT_DISABLE_SAFE_DC_MODE
	+static int adf_4xxx_sysctl_disable_safe_dc_mode(SYSCTL_HANDLER_ARGS)
	+{
	+ struct adf_accel_dev *accel_dev = arg1;
	+ int error, value = accel_dev->disable_safe_dc_mode;
	+
	+ error = sysctl_handle_int(oidp, &value, 0, req);
	+ if (error \|\| !req->newptr)
	+ return error;
	+
	+ if (value != 1 && value != 0)
	+ return EINVAL;
	+
	+ if (adf_dev_started(accel_dev)) {
	+ device_printf(
	+ GET_DEV(accel_dev),
	+ "QAT: configuration can only be changed in \"down\" device state\n");
	+ return EBUSY;
	+ }
	+
	+ accel_dev->disable_safe_dc_mode = (u8)value;
	+
	+ return 0;
	+}
	+
	+static void
	+adf_4xxx_disable_safe_dc_sysctl_add(struct adf_accel_dev *accel_dev)
	+{
	+ struct sysctl_ctx_list *qat_sysctl_ctx;
	+ struct sysctl_oid *qat_sysctl_tree;
	+
	+ qat_sysctl_ctx =
	+ device_get_sysctl_ctx(accel_dev->accel_pci_dev.pci_dev);
	+ qat_sysctl_tree =
	+ device_get_sysctl_tree(accel_dev->accel_pci_dev.pci_dev);
	+ accel_dev->safe_dc_mode =
	+ SYSCTL_ADD_OID(qat_sysctl_ctx,
	+ SYSCTL_CHILDREN(qat_sysctl_tree),
	+ OID_AUTO,
	+ "disable_safe_dc_mode",
	+ CTLTYPE_INT \| CTLFLAG_WR \| CTLFLAG_TUN \|
	+ CTLFLAG_SKIP,
	+ accel_dev,
	+ 0,
	+ adf_4xxx_sysctl_disable_safe_dc_mode,
	+ "LU",
	+ "Disable QAT safe data compression mode");
	+}
	+
	+static void
	+adf_4xxx_disable_safe_dc_sysctl_remove(struct adf_accel_dev *accel_dev)
	+{
	+ int ret;
	+ struct sysctl_ctx_list *qat_sysctl_ctx =
	+ device_get_sysctl_ctx(accel_dev->accel_pci_dev.pci_dev);
	+
	+ ret = sysctl_ctx_entry_del(qat_sysctl_ctx, accel_dev->safe_dc_mode);
	+ if (ret) {
	+ device_printf(GET_DEV(accel_dev), "Failed to delete entry\n");
	+ } else {
	+ ret = sysctl_remove_oid(accel_dev->safe_dc_mode, 1, 1);
	+ if (ret)
	+ device_printf(GET_DEV(accel_dev),
	+ "Failed to delete oid\n");
	+ }
	+}
	+#endif /* QAT_DISABLE_SAFE_DC_MODE */
	+
	static void
	adf_cleanup_accel(struct adf_accel_dev *accel_dev)
	{
	@@ -76,6 +144,9 @@
	free(accel_dev->hw_device, M_QAT_4XXX);
	accel_dev->hw_device = NULL;
	}
	+#ifdef QAT_DISABLE_SAFE_DC_MODE
	+ adf_4xxx_disable_safe_dc_sysctl_remove(accel_dev);
	+#endif /* QAT_DISABLE_SAFE_DC_MODE */
	adf_cfg_dev_remove(accel_dev);
	adf_devmgr_rm_dev(accel_dev, NULL);
	}
	@@ -153,6 +224,10 @@
	if (ret)
	goto out_err;

	+#ifdef QAT_DISABLE_SAFE_DC_MODE
	+ adf_4xxx_disable_safe_dc_sysctl_add(accel_dev);
	+#endif /* QAT_DISABLE_SAFE_DC_MODE */
	+
	pci_set_max_read_req(dev, 4096);

	ret = bus_dma_tag_create(bus_get_dma_tag(dev),
	diff --git a/sys/modules/qat/qat/Makefile b/sys/modules/qat/qat/Makefile
	--- a/sys/modules/qat/qat/Makefile
	+++ b/sys/modules/qat/qat/Makefile
	@@ -4,7 +4,7 @@

	KMOD= qat
	SRCS+= qat_ocf.c qat_ocf_mem_pool.c qat_ocf_utils.c
	-SRCS+= device_if.h bus_if.h vnode_if.h pci_if.h cryptodev_if.h
	+SRCS+= device_if.h bus_if.h vnode_if.h pci_if.h cryptodev_if.h opt_qat.h

	CFLAGS+= ${LINUXKPI_INCLUDES}
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/include
	@@ -17,6 +17,17 @@
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/qat_api/firmware/include
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/qat_api/common/crypto/sym/include

	+.if !defined(KERNBUILDDIR)
	+CFLAGS+= -include opt_qat.h
	+MKDEP= -include opt_qat.h
	+
	+opt_qat.h:
	+ :> ${.TARGET}
	+.if defined(QAT_DISABLE_SAFE_DC_MODE) && ${QAT_DISABLE_SAFE_DC_MODE} == "1"
	+ @echo "#define QAT_DISABLE_SAFE_DC_MODE 1" >> ${.TARGET}
	+.endif
	+.endif
	+
	.include <bsd.kmod.mk>

	.if ${COMPILER_TYPE} == "clang"
	diff --git a/sys/modules/qat/qat_api/Makefile b/sys/modules/qat/qat_api/Makefile
	--- a/sys/modules/qat/qat_api/Makefile
	+++ b/sys/modules/qat/qat_api/Makefile
	@@ -60,7 +60,7 @@
	SRCS+= qat_utils/src/QatUtilsSpinLock.c
	SRCS+= qat_utils/src/QatUtilsAtomic.c
	SRCS+= qat_utils/src/QatUtilsCrypto.c
	-SRCS+= bus_if.h cryptodev_if.h device_if.h pci_if.h vnode_if.h
	+SRCS+= bus_if.h cryptodev_if.h device_if.h pci_if.h vnode_if.h opt_qat.h

	CFLAGS+= -I${SRCTOP}/sys/dev/qat/qat_api/include
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/qat_api/include/lac
	@@ -74,6 +74,17 @@
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/include/common
	CFLAGS+= ${LINUXKPI_INCLUDES}

	+.if !defined(KERNBUILDDIR)
	+CFLAGS+= -include opt_qat.h
	+MKDEP= -include opt_qat.h
	+
	+opt_qat.h:
	+ :> ${.TARGET}
	+.if defined(QAT_DISABLE_SAFE_DC_MODE) && ${QAT_DISABLE_SAFE_DC_MODE} == "1"
	+ @echo "#define QAT_DISABLE_SAFE_DC_MODE 1" >> ${.TARGET}
	+.endif
	+.endif
	+
	.include <bsd.kmod.mk>

	CWARNFLAGS+= -Wno-cast-qual
	diff --git a/sys/modules/qat/qat_common/Makefile b/sys/modules/qat/qat_common/Makefile
	--- a/sys/modules/qat/qat_common/Makefile
	+++ b/sys/modules/qat/qat_common/Makefile
	@@ -23,10 +23,21 @@
	SRCS+= adf_freebsd_transport_debug.c adf_clock.c
	SRCS+= adf_freebsd_cnvnr_ctrs_dbg.c
	SRCS+= adf_freebsd_pfvf_ctrs_dbg.c
	-SRCS+= bus_if.h device_if.h pci_if.h vnode_if.h
	+SRCS+= bus_if.h device_if.h pci_if.h vnode_if.h opt_qat.h

	CFLAGS+= -I${SRCTOP}/sys/dev/qat/include
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/include/common
	CFLAGS+= ${LINUXKPI_INCLUDES}

	+.if !defined(KERNBUILDDIR)
	+CFLAGS+= -include opt_qat.h
	+MKDEP= -include opt_qat.h
	+
	+opt_qat.h:
	+ :> ${.TARGET}
	+.if defined(QAT_DISABLE_SAFE_DC_MODE) && ${QAT_DISABLE_SAFE_DC_MODE} == "1"
	+ @echo "#define QAT_DISABLE_SAFE_DC_MODE 1" >> ${.TARGET}
	+.endif
	+.endif
	+
	.include <bsd.kmod.mk>
	diff --git a/sys/modules/qat/qat_hw/Makefile b/sys/modules/qat/qat_hw/Makefile
	--- a/sys/modules/qat/qat_hw/Makefile
	+++ b/sys/modules/qat/qat_hw/Makefile
	@@ -12,7 +12,7 @@
	SRCS+= qat_c4xxx/adf_c4xxx_hw_data.c qat_c4xxx/adf_drv.c qat_c4xxx/adf_c4xxx_ae_config.c qat_c4xxx/adf_c4xxx_misc_error_stats.c
	SRCS+= qat_c4xxx/adf_c4xxx_pke_replay_stats.c qat_c4xxx/adf_c4xxx_ras.c qat_c4xxx/adf_c4xxx_res_part.c
	SRCS+= qat_c4xxx/adf_c4xxx_reset.c
	-SRCS+= device_if.h bus_if.h vnode_if.h pci_if.h cryptodev_if.h
	+SRCS+= device_if.h bus_if.h vnode_if.h pci_if.h cryptodev_if.h opt_qat.h

	CFLAGS+= ${LINUXKPI_INCLUDES}
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/include
	@@ -25,4 +25,15 @@
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/qat_api/firmware/include
	CFLAGS+= -I${SRCTOP}/sys/dev/qat/qat_api/common/crypto/sym/include

	+.if !defined(KERNBUILDDIR)
	+CFLAGS+= -include opt_qat.h
	+MKDEP= -include opt_qat.h
	+
	+opt_qat.h:
	+ :> ${.TARGET}
	+.if defined(QAT_DISABLE_SAFE_DC_MODE) && ${QAT_DISABLE_SAFE_DC_MODE} == "1"
	+ @echo "#define QAT_DISABLE_SAFE_DC_MODE 1" >> ${.TARGET}
	+.endif
	+.endif
	+
	.include <bsd.kmod.mk>

File Metadata

Mime Type: text/plain
Expires: Sun, Jan 18, 2:17 AM (15 h, 48 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 27703110
Default Alt Text: D50379.diff (10 KB)

D50379.diffNo OneTemporaryActions

D50379.diffView Options

File Metadata

Event Timeline

D50379.diff
No OneTemporary
Actions

D50379.diff
View Options