Fix API version for QAT_HW 2.0 driver & bug fixes.

Co-authored-by: Nagha Abirami <naghax.abirami@intel.com> Signed-off-by: Yogaraj Alamenda <yogarajx.alamenda@intel.com>
intel · Mar 24, 2023 · 804c1cc · 804c1cc
1 parent 8042faa
commit 804c1cc
Show file tree

Hide file tree

Showing 13 changed files with 45 additions and 22 deletions.
diff --git a/Makefile.am b/Makefile.am
@@ -149,7 +149,7 @@ AM_CFLAGS = $(cflags_cc_opt) $(cflags_qat_hw_intree) \
             $(cflags_mem_driver) $(cflags_openssl_3) \
             $(cflags_boringssl) $(cflags_qat_hw)     \
             $(cflags_qat_sw) $(cflags_qat_sw_ipsec)  \
-            $(cflags_common)
+            $(cflags_common) $(cflags_qat_debug)
 
 if QAT_BORINGSSL
 bin_PROGRAMS = qatengine_test

diff --git a/configure.ac b/configure.ac
@@ -405,6 +405,8 @@ then
   if test "x$enable_qat_hw" != "xno"
   then
     AC_SUBST([cflags_qat_hw], ["-DQAT_HW"])
+    AC_CHECK_FILE(${with_qat_hw_dir}/quickassist/lookaside/access_layer/src/common/crypto/kpt/crypto/lac_kpt_crypto_qat_comms.c,
+                  [cflags_qat_hw="${cflags_qat_hw} -DQAT20_OOT"], [])
     AC_MSG_NOTICE([QAT_HW acceleration enabled])
   else
     AC_MSG_NOTICE([QAT_HW acceleration disabled])
@@ -608,9 +610,6 @@ AM_CONDITIONAL([QAT_PLOCK], [test "x$enable_qat_plock" != "x"])
 AS_IF([test "x$enable_qat_sw_heuristic_timeout" = "xyes" -a "x$cflags_qat_sw" != "x"],
       [cflags_common="${cflags_common} -DQAT_SW_HEURISTIC_TIMEOUT"; AC_MSG_NOTICE([QAT_SW Heuristic Timeout enabled])])
 
-AS_IF([test "x$with_qat_debug_file" != "x"],
-      [cflags_common="${cflags_common} -DQAT_DEBUG_FILE_PATH=\$(with_qat_debug_file)"; AC_MSG_NOTICE([Debugs to file enabled])])
-
 AS_IF([test "x$with_qat_engine_id" != "x"],
       [cflags_common="${cflags_common} -DQAT_ENGINE_ID=\$(with_qat_engine_id)"; AC_MSG_NOTICE([Using engine id other than default])])
 
@@ -640,6 +639,13 @@ then
   AC_SUBST([QAT_LD_LIB], ["\$(with_ld_opt)"])
 fi
 
+# Write logs to a debug file
+if test "x$with_qat_debug_file" != "x"
+then
+  AC_SUBST([cflags_qat_debug], ["-DQAT_DEBUG_FILE_PATH=\$(with_qat_debug_file)"])
+  AC_MSG_NOTICE([Debugs to file enabled])
+fi
+
 #QAT_HW Memory Driver
 if test "x$cflags_qat_hw" != "x"
 then

diff --git a/qat_evp.c b/qat_evp.c
@@ -748,6 +748,7 @@ const EVP_CIPHER *qat_create_gcm_cipher_meth(int nid, int keylen)
 
     if (!qat_sw_gcm_offload && !qat_hw_gcm_offload) {
         DEBUG("OpenSSL SW AES_GCM_%d registration succeeded\n", keylen*8);
+        EVP_CIPHER_meth_free(c);
         return qat_gcm_cipher_sw_impl(nid);
     }
 

diff --git a/qat_hw_chachapoly.c b/qat_hw_chachapoly.c
@@ -164,6 +164,7 @@ const EVP_CIPHER *chachapoly_cipher_meth(int nid, int keylen)
     } else {
         qat_hw_chacha_poly_offload = 0;
         DEBUG("QAT HW CHACHA POLY is disabled, using OpenSSL SW\n");
+        EVP_CIPHER_meth_free(c);
         return EVP_chacha20_poly1305();
     }
 # else

diff --git a/qat_hw_ciphers.c b/qat_hw_ciphers.c
@@ -275,6 +275,7 @@ const EVP_CIPHER *qat_create_cipher_meth(int nid, int keylen)
     } else {
         qat_hw_aes_cbc_hmac_sha_offload = 0;
         DEBUG("QAT HW AES_CBC_%d_HMAC_SHA is disabled, using OpenSSL SW\n", keylen*8);
+        EVP_CIPHER_meth_free(c);
         return qat_chained_cipher_sw_impl(nid);
     }
 }

diff --git a/qat_hw_ec.c b/qat_hw_ec.c
@@ -101,7 +101,7 @@ CpaCyEcFieldType qat_get_field_type(const EC_GROUP *group)
         return CPA_CY_EC_FIELD_TYPE_BINARY;
 }
 
-#if CPA_CY_API_VERSION_NUM_MAJOR >= 3
+#if defined(QAT20_OOT) || defined(QAT_HW_INTREE)
 int qat_get_curve(CpaCyEcFieldType fieldType)
 {
     if (fieldType == CPA_CY_EC_FIELD_TYPE_PRIME)
@@ -140,7 +140,7 @@ int qat_ecdh_compute_key(unsigned char **outX, size_t *outlenX,
 
     int inst_num = QAT_INVALID_INSTANCE;
     BIGNUM *xP = NULL, *yP = NULL;
-# if CPA_CY_API_VERSION_NUM_MAJOR >= 3
+# if defined(QAT20_OOT) || defined(QAT_HW_INTREE)
     CpaCyEcGenericPointMultiplyOpData *pOpData = NULL;
 # else
     CpaCyEcPointMultiplyOpData *opData = NULL;
@@ -184,7 +184,7 @@ int qat_ecdh_compute_key(unsigned char **outX, size_t *outlenX,
         return ret;
     }
 
-# if CPA_CY_API_VERSION_NUM_MAJOR >= 3
+# if defined(QAT20_OOT) || defined(QAT_HW_INTREE)
     pOpData = (CpaCyEcGenericPointMultiplyOpData *)
                OPENSSL_zalloc(sizeof(CpaCyEcGenericPointMultiplyOpData));
     if (pOpData == NULL) {
@@ -300,7 +300,7 @@ int qat_ecdh_compute_key(unsigned char **outX, size_t *outlenX,
         goto err;
     }
 
-# if CPA_CY_API_VERSION_NUM_MAJOR >= 3
+# if defined(QAT20_OOT) || defined(QAT_HW_INTREE)
     pOpData->pCurve->parameters.weierstrassParameters.fieldType = qat_get_field_type(group);
     pOpData->pCurve->curveType = qat_get_curve(pOpData->pCurve->parameters.weierstrassParameters.fieldType);
 
@@ -423,7 +423,7 @@ int qat_ecdh_compute_key(unsigned char **outX, size_t *outlenX,
         }
 
         CRYPTO_QAT_LOG("KX - %s\n", __func__);
-# if CPA_CY_API_VERSION_NUM_MAJOR >= 3
+# if defined(QAT20_OOT) || defined(QAT_HW_INTREE)
         DUMP_EC_GENERIC_POINT_MULTIPLY(qat_instance_handles[inst_num], pOpData, pResultX, pResultY);
         status = cpaCyEcGenericPointMultiply(qat_instance_handles[inst_num],
                                              qat_ecCallbackFn,
@@ -595,7 +595,7 @@ int qat_ecdh_compute_key(unsigned char **outX, size_t *outlenX,
         OPENSSL_free(pResultY);
     }
 
-# if CPA_CY_API_VERSION_NUM_MAJOR >= 3
+# if defined(QAT20_OOT) || defined(QAT_HW_INTREE)
     if (pOpData) {
         QAT_CHK_CLNSE_QMFREE_NONZERO_FLATBUFF(pOpData->k);
         QAT_CHK_QMFREE_FLATBUFF(pOpData->xP);

diff --git a/qat_hw_prf.h b/qat_hw_prf.h
@@ -71,7 +71,7 @@
  * down in the driver.
  */
 # ifdef ENABLE_QAT_HW_PRF
-#  if CPA_CY_API_VERSION_NUM_MAJOR > 2
+#  if defined(QAT20_OOT) || defined(QAT_HW_INTREE)
 #   define QAT_TLS1_PRF_SECRET_MAXBUF 1024
 #  else
 #   define QAT_TLS1_PRF_SECRET_MAXBUF 512

diff --git a/qat_hw_rsa.c b/qat_hw_rsa.c
@@ -88,7 +88,7 @@
 #else
 # define RSA_QAT_RANGE_MIN 2048
 #endif
-#if CPA_CY_API_VERSION_NUM_MAJOR > 2
+#if defined(QAT20_OOT) || defined(QAT_HW_INTREE)
 # define RSA_QAT_RANGE_MAX 8192
 #else
 # define RSA_QAT_RANGE_MAX 4096

diff --git a/qat_hw_sha3.c b/qat_hw_sha3.c
@@ -163,6 +163,7 @@ const EVP_MD *qat_create_sha3_meth(int nid , int key_type)
     } else {
         qat_hw_sha_offload = 0;
         DEBUG("QAT HW SHA3 is disabled, using OpenSSL SW\n");
+        EVP_MD_meth_free(c);
         return qat_sha3_sw_impl(nid);
     }
 #else
@@ -983,15 +984,14 @@ static int qat_sha3_final(EVP_MD_CTX *ctx, unsigned char *md)
 
     /* Copy digest result into "md" buffer. */
     memcpy(md, sha3_ctx->digest_data, sha3_ctx->md_size);
+    memset(sha3_ctx->digest_data, 0x00, sha3_ctx->md_size);
 
+#ifndef QAT_OPENSSL_PROVIDER
     if (!qat_sha3_cleanup(ctx)) {
         WARN("qat_sha3_cleanup failed\n");
         QATerr(QAT_F_QAT_SHA3_FINAL, ERR_R_INTERNAL_ERROR);
         return 0;
     }
-
-#ifdef QAT_OPENSSL_PROVIDER
-    OPENSSL_clear_free(sha3_ctx, sizeof(qat_sha3_ctx));
 #endif
     return 1;
 }

diff --git a/qat_prov_bio.c b/qat_prov_bio.c
@@ -186,7 +186,7 @@ static int bio_core_new(BIO *bio)
     return 1;
 }
 
-static BIO_METHOD *ossl_prov_ctx_get0_core_bio_method(QAT_PROV_CTX *ctx)
+BIO_METHOD *ossl_prov_ctx_get0_core_bio_method(QAT_PROV_CTX *ctx)
 {
     if (ctx == NULL)
         return NULL;

diff --git a/qat_prov_bio.h b/qat_prov_bio.h
@@ -21,3 +21,4 @@ int ossl_prov_bio_printf(OSSL_CORE_BIO *bio, const char *format, ...);
 
 BIO_METHOD *ossl_bio_prov_init_bio_method(void);
 BIO *ossl_bio_new_from_core_bio(QAT_PROV_CTX *provctx, OSSL_CORE_BIO *corebio);
+BIO_METHOD *ossl_prov_ctx_get0_core_bio_method(QAT_PROV_CTX *ctx);
diff --git a/qat_prov_init.c b/qat_prov_init.c
@@ -24,6 +24,7 @@
 # include "qat_sw_gcm.h"
 #endif
 
+OSSL_PROVIDER *prov = NULL;
 /* By default, qat provider always in a happy state */
 int qat_prov_is_running(void)
 {
@@ -73,9 +74,13 @@ extern const OSSL_DISPATCH qat_X25519_keymgmt_functions[];
 #ifdef ENABLE_QAT_HW_ECX
 extern const OSSL_DISPATCH qat_X448_keymgmt_functions[];
 #endif
+#if defined(ENABLE_QAT_HW_GCM) || defined(ENABLE_QAT_SW_GCM)
 extern const OSSL_DISPATCH qat_aes128gcm_functions[];
+# ifdef ENABLE_QAT_SW_GCM
 extern const OSSL_DISPATCH qat_aes192gcm_functions[];
+# endif
 extern const OSSL_DISPATCH qat_aes256gcm_functions[];
+#endif
 #if defined(ENABLE_QAT_HW_DSA) && defined(QAT_INSECURE_ALGO)
 extern const OSSL_DISPATCH qat_dsa_keymgmt_functions[];
 #endif
@@ -211,7 +216,9 @@ static void qat_teardown(void *provctx)
 
     if (provctx) {
         QAT_PROV_CTX *qat_ctx = (QAT_PROV_CTX *)provctx;
+        BIO_meth_free(ossl_prov_ctx_get0_core_bio_method(qat_ctx));
         OPENSSL_free(qat_ctx);
+        OSSL_PROVIDER_unload(prov);
     }
 }
 
@@ -262,10 +269,10 @@ static const OSSL_ALGORITHM_CAPABLE qat_deflt_ciphers[] = {
 # endif
     ALG(QAT_NAMES_AES_128_CBC_HMAC_SHA256, qat_aes128cbc_hmac_sha256_functions),
     ALG(QAT_NAMES_AES_256_CBC_HMAC_SHA256, qat_aes256cbc_hmac_sha256_functions),
+#endif
 # ifdef ENABLE_QAT_HW_CHACHAPOLY
     ALG(QAT_NAMES_CHACHA20_POLY1305, qat_chacha20_poly1305_functions),
 # endif /* ENABLE_QAT_HW_CHACHAPOLY */
-#endif
     { { NULL, NULL, NULL }, NULL }};
 
 static OSSL_ALGORITHM qat_exported_ciphers[OSSL_NELEM(qat_deflt_ciphers)];
@@ -355,7 +362,6 @@ static const OSSL_ALGORITHM qat_digests[] = {
 static const OSSL_ALGORITHM *qat_query(void *provctx, int operation_id, int *no_cache)
 {
     static int prov_init = 0;
-    OSSL_PROVIDER *prov = NULL;
     prov = OSSL_PROVIDER_load(NULL, "default");
     if (!prov_init) {
         prov_init = 1;

diff --git a/qat_prov_sha3.c b/qat_prov_sha3.c
@@ -150,6 +150,13 @@ static void qat_keccak_freectx(void *vctx)
     if (!qat_sha3_cleanup(ctx)){
         WARN("qat sha3 ctx cleanup failed.\n");
     }
+#ifndef ENABLE_QAT_HW_SMALL_PKT_OFFLOAD
+    EVP_MD_CTX_free(ctx->sw_md_ctx);
+    EVP_MD_free(ctx->sw_md);
+    ctx->sw_md_ctx = NULL;
+    ctx->sw_md = NULL;
+#endif
+    OPENSSL_clear_free(ctx->qctx, sizeof(qat_sha3_ctx));
     OPENSSL_clear_free(ctx,  sizeof(*ctx));
 }
 
@@ -261,9 +268,9 @@ static void *qat_##name##_newctx(void *provctx)
         ctx->pad = pad_val;                                                        \
     }                                                                              \
     set_ctx_md_type(ctx, bitlen);                                                  \
-    ctx->qctx = OPENSSL_malloc(sizeof(qat_sha3_ctx));                              \
+    ctx->qctx = OPENSSL_zalloc(sizeof(qat_sha3_ctx));                              \
     if (ctx->qctx == NULL)                                                         \
-        WARN("malloc failed.\n");                                                  \
+        WARN("zalloc failed.\n");                                                  \
     ctx->meth = sha3_generic_md;                                                   \
     ctx->sw_md_ctx = EVP_MD_CTX_new();                                             \
     if (ctx->sw_md_ctx == NULL)                                                    \
@@ -294,9 +301,9 @@ static void *qat_##name##_newctx(void *provctx)
         ctx->pad = pad_val;                                                        \
     }                                                                              \
     set_ctx_md_type(ctx, bitlen);                                                  \
-    ctx->qctx = OPENSSL_malloc(sizeof(qat_sha3_ctx));                              \
+    ctx->qctx = OPENSSL_zalloc(sizeof(qat_sha3_ctx));                              \
     if (ctx->qctx == NULL)                                                         \
-        WARN("malloc failed.\n");                                                  \
+        WARN("zalloc failed.\n");                                                  \
     ctx->meth = sha3_generic_md;                                                   \
     return ctx;                                                                    \
 }