[PATCH 1/3] security: fix device operation type

[PATCH 1/3] security: fix device operation type

[Nelio Laranjeiro]

Device operation pointers should be constant to avoid any modification
while it is in use.

Fixes: c261d1431bd8 ("security: introduce security API and framework")
Cc: akhil.goyal@nxp.com
Cc: stable@dpdk.org

Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
---
 lib/librte_security/rte_security.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
index aa3a471a3..679c0a696 100644
--- a/lib/librte_security/rte_security.h
+++ b/lib/librte_security/rte_security.h
@@ -94,7 +94,7 @@ enum rte_security_ipsec_tunnel_type {
 struct rte_security_ctx {
 	void *device;
 	/**< Crypto/ethernet device attached */
-	struct rte_security_ops *ops;
+	const struct rte_security_ops *ops;
 	/**< Pointer to security ops for the device */
 	uint16_t sess_cnt;
 	/**< Number of sessions attached to this context */
-- 
2.11.0

[PATCH 2/3] crypto: fix pedentic compilation errors

[Nelio Laranjeiro]

 /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28: error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
   struct rte_crypto_sym_op sym[0];
                            ^~~

Fixes: d2a4223c4c6d ("cryptodev: do not store pointer to op specific params")
Cc: pablo.de.lara.guarch@intel.com
Cc: stable@dpdk.org

Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
---
 lib/librte_cryptodev/rte_crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_cryptodev/rte_crypto.h b/lib/librte_cryptodev/rte_crypto.h
index 3d672fe7d..dc6e91d1d 100644
--- a/lib/librte_cryptodev/rte_crypto.h
+++ b/lib/librte_cryptodev/rte_crypto.h
@@ -123,7 +123,7 @@ struct rte_crypto_op {
 
 	RTE_STD_C11
 	union {
-		struct rte_crypto_sym_op sym[0];
+		struct rte_crypto_sym_op *sym;
 		/**< Symmetric operation parameters */
 	}; /**< operation specific parameters */
 };
-- 
2.11.0

[PATCH 3/3] security: fix pedentic compilation

[Nelio Laranjeiro]

 /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_security.h:229:8: error: struct has no members [-Werror=pedantic]
  struct rte_security_macsec_xform {
         ^~~~~~~~~~~~~~~~~~~~~~~~~
 /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_security.h:453:3: error: struct has no members [-Werror=pedantic]
    struct {
    ^~~~~~

Fixes: c261d1431bd8 ("security: introduce security API and framework")
Cc: akhil.goyal@nxp.com
Cc: stable@dpdk.org

Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
---
 lib/librte_security/rte_security.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
index 679c0a696..bcce7a189 100644
--- a/lib/librte_security/rte_security.h
+++ b/lib/librte_security/rte_security.h
@@ -228,6 +228,7 @@ struct rte_security_ipsec_xform {
  */
 struct rte_security_macsec_xform {
 	/** To be Filled */
+	int dummy;
 };
 
 /**
@@ -471,6 +472,7 @@ struct rte_security_capability {
 		/**< IPsec capability */
 		struct {
 			/* To be Filled */
+			int dummy;
 		} macsec;
 		/**< MACsec capability */
 	};
-- 
2.11.0

Re: [PATCH 2/3] crypto: fix pedentic compilation errors

[De Lara Guarch, Pablo]

Hi Nelio,

> -----Original Message-----
> From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> Sent: Wednesday, November 22, 2017 8:10 AM
> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> <declan.doherty@intel.com>
> Cc: dev@dpdk.org; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
> Subject: [PATCH 2/3] crypto: fix pedentic compilation errors
> 
>  /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28:
> error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
>    struct rte_crypto_sym_op sym[0];
>                             ^~~
> 
> Fixes: d2a4223c4c6d ("cryptodev: do not store pointer to op specific
> params")
> Cc: pablo.de.lara.guarch@intel.com
> Cc: stable@dpdk.org
> 
> Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
> ---
>  lib/librte_cryptodev/rte_crypto.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/librte_cryptodev/rte_crypto.h
> b/lib/librte_cryptodev/rte_crypto.h
> index 3d672fe7d..dc6e91d1d 100644
> --- a/lib/librte_cryptodev/rte_crypto.h
> +++ b/lib/librte_cryptodev/rte_crypto.h
> @@ -123,7 +123,7 @@ struct rte_crypto_op {
> 
>  	RTE_STD_C11
>  	union {
> -		struct rte_crypto_sym_op sym[0];
> +		struct rte_crypto_sym_op *sym;

This would add extra 64 bits that are not necessary,
as the rte_crypto_sym_op structure is always placed after rte_crypto_op
(this is just a marker).

Is there any other way to fix this error? Which compiler are you using?

Thanks,
Pablo

Re: [PATCH 2/3] crypto: fix pedentic compilation errors

[Nelio Laranjeiro]

Hi Pablo,

On Wed, Nov 22, 2017 at 09:48:47AM +0000, De Lara Guarch, Pablo wrote:
> Hi Nelio,
> 
> > -----Original Message-----
> > From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> > Sent: Wednesday, November 22, 2017 8:10 AM
> > To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> > <declan.doherty@intel.com>
> > Cc: dev@dpdk.org; De Lara Guarch, Pablo
> > <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
> > Subject: [PATCH 2/3] crypto: fix pedentic compilation errors
> > 
> >  /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28:
> > error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
> >    struct rte_crypto_sym_op sym[0];
> >                             ^~~
> > 
> > Fixes: d2a4223c4c6d ("cryptodev: do not store pointer to op specific
> > params")
> > Cc: pablo.de.lara.guarch@intel.com
> > Cc: stable@dpdk.org
> > 
> > Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
> > ---
> >  lib/librte_cryptodev/rte_crypto.h | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/lib/librte_cryptodev/rte_crypto.h
> > b/lib/librte_cryptodev/rte_crypto.h
> > index 3d672fe7d..dc6e91d1d 100644
> > --- a/lib/librte_cryptodev/rte_crypto.h
> > +++ b/lib/librte_cryptodev/rte_crypto.h
> > @@ -123,7 +123,7 @@ struct rte_crypto_op {
> > 
> >  	RTE_STD_C11
> >  	union {
> > -		struct rte_crypto_sym_op sym[0];
> > +		struct rte_crypto_sym_op *sym;
> 
> This would add extra 64 bits that are not necessary,
> as the rte_crypto_sym_op structure is always placed after rte_crypto_op
> (this is just a marker).
> 
> Is there any other way to fix this error?

Indeed it is not the correct solution, the point here is RTE_STD_C11 is
wrongly used because even in C11 arrays with size of 0 are not
allowed.  If it was the last attribute of the structure it could have
been replaced with empty brackets but as it is inside an union, it
cannot.  The correct solution is to replace the RTE_STD_C11 by
__extension__.

> Which compiler are you using?

It occurs with any compiler when you enable the pedantic flag under C11.
All DPDK headers have been fix to avoid such issue [1].

Thanks,

[1] http://dpdk.org/ml/archives/dev/2016-April/037051.html

-- 
Nélio Laranjeiro
6WIND

Re: [PATCH 2/3] crypto: fix pedentic compilation errors

[Neil Horman]

On Wed, Nov 22, 2017 at 09:10:17AM +0100, Nelio Laranjeiro wrote:
>  /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28: error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
>    struct rte_crypto_sym_op sym[0];
>                             ^~~
> 
> Fixes: d2a4223c4c6d ("cryptodev: do not store pointer to op specific params")
> Cc: pablo.de.lara.guarch@intel.com
> Cc: stable@dpdk.org
> 
> Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
> ---
>  lib/librte_cryptodev/rte_crypto.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/librte_cryptodev/rte_crypto.h b/lib/librte_cryptodev/rte_crypto.h
> index 3d672fe7d..dc6e91d1d 100644
> --- a/lib/librte_cryptodev/rte_crypto.h
> +++ b/lib/librte_cryptodev/rte_crypto.h
> @@ -123,7 +123,7 @@ struct rte_crypto_op {
>  
>  	RTE_STD_C11
>  	union {
> -		struct rte_crypto_sym_op sym[0];
> +		struct rte_crypto_sym_op *sym;
>  		/**< Symmetric operation parameters */
>  	}; /**< operation specific parameters */
>  };
> -- 
> 2.11.0
> 
> 
As Laura notes, this isn't the right solution.  In addition to adding a 64 bit
pointer, it I think also results in incorrect semantics.  That is to say, the
allocation path for this structure allocates the rte_crypto_op and additional
memory for the sym array contiguously, which the sym[0] syntax correctly
interprets to mean the storage for the array is inline with the structure.
Changing to a pointer means you are using the first elements of the array
storage as your pointer, which could be filled with any old value, leading to
corruption.

If you can't use zero length array semantics (which I assume you cant, as I
don't think clang supports that), a better soution might be to remove the sym
variable entirely, and replace it with a macro that access the sym array as an
offset from the start of the pointer.  That would seem to be an ABI change, but
if you went through that process you would wind up with the same sized struct,
which would be nice

Neil

Re: [PATCH 2/3] crypto: fix pedentic compilation errors

[Gaëtan Rivet]

On Wed, Nov 22, 2017 at 08:56:14AM -0500, Neil Horman wrote:
> On Wed, Nov 22, 2017 at 09:10:17AM +0100, Nelio Laranjeiro wrote:
> >  /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28: error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
> >    struct rte_crypto_sym_op sym[0];
> >                             ^~~
> > 
> > Fixes: d2a4223c4c6d ("cryptodev: do not store pointer to op specific params")
> > Cc: pablo.de.lara.guarch@intel.com
> > Cc: stable@dpdk.org
> > 
> > Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
> > ---
> >  lib/librte_cryptodev/rte_crypto.h | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/lib/librte_cryptodev/rte_crypto.h b/lib/librte_cryptodev/rte_crypto.h
> > index 3d672fe7d..dc6e91d1d 100644
> > --- a/lib/librte_cryptodev/rte_crypto.h
> > +++ b/lib/librte_cryptodev/rte_crypto.h
> > @@ -123,7 +123,7 @@ struct rte_crypto_op {
> >  
> >  	RTE_STD_C11
> >  	union {
> > -		struct rte_crypto_sym_op sym[0];
> > +		struct rte_crypto_sym_op *sym;
> >  		/**< Symmetric operation parameters */
> >  	}; /**< operation specific parameters */
> >  };
> > -- 
> > 2.11.0
> > 
> > 
> As Laura notes, this isn't the right solution.  In addition to adding a 64 bit
> pointer, it I think also results in incorrect semantics.  That is to say, the
> allocation path for this structure allocates the rte_crypto_op and additional
> memory for the sym array contiguously, which the sym[0] syntax correctly
> interprets to mean the storage for the array is inline with the structure.
> Changing to a pointer means you are using the first elements of the array
> storage as your pointer, which could be filled with any old value, leading to
> corruption.
> 
> If you can't use zero length array semantics (which I assume you cant, as I
> don't think clang supports that), a better soution might be to remove the sym
> variable entirely, and replace it with a macro that access the sym array as an
> offset from the start of the pointer.  That would seem to be an ABI change, but
> if you went through that process you would wind up with the same sized struct,
> which would be nice
> 
> Neil
> 

ISO C forbids zero-size arrays, but ISO C99 allows flexible arrays.
Why is this symbole within a union? Why not remove the union, change
sym[0] to sym[]?

-- 
Gaëtan Rivet
6WIND

Re: [PATCH 2/3] crypto: fix pedentic compilation errors

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Gaëtan Rivet [mailto:gaetan.rivet@6wind.com]
> Sent: Wednesday, November 22, 2017 2:32 PM
> To: Neil Horman <nhorman@tuxdriver.com>
> Cc: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>; Akhil Goyal
> <akhil.goyal@nxp.com>; Doherty, Declan <declan.doherty@intel.com>;
> dev@dpdk.org; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> stable@dpdk.org
> Subject: Re: [dpdk-dev] [PATCH 2/3] crypto: fix pedentic compilation errors
> 
> On Wed, Nov 22, 2017 at 08:56:14AM -0500, Neil Horman wrote:
> > On Wed, Nov 22, 2017 at 09:10:17AM +0100, Nelio Laranjeiro wrote:
> > >  /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28:
> error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
> > >    struct rte_crypto_sym_op sym[0];
> > >                             ^~~
> > >
> > > Fixes: d2a4223c4c6d ("cryptodev: do not store pointer to op specific
> > > params")
> > > Cc: pablo.de.lara.guarch@intel.com
> > > Cc: stable@dpdk.org
> > >
> > > Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
> > > ---
> > >  lib/librte_cryptodev/rte_crypto.h | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/lib/librte_cryptodev/rte_crypto.h
> > > b/lib/librte_cryptodev/rte_crypto.h
> > > index 3d672fe7d..dc6e91d1d 100644
> > > --- a/lib/librte_cryptodev/rte_crypto.h
> > > +++ b/lib/librte_cryptodev/rte_crypto.h
> > > @@ -123,7 +123,7 @@ struct rte_crypto_op {
> > >
> > >  	RTE_STD_C11
> > >  	union {
> > > -		struct rte_crypto_sym_op sym[0];
> > > +		struct rte_crypto_sym_op *sym;
> > >  		/**< Symmetric operation parameters */
> > >  	}; /**< operation specific parameters */  };
> > > --
> > > 2.11.0
> > >
> > >
> > As Laura notes, this isn't the right solution.  In addition to adding a 64 bit
> > pointer, it I think also results in incorrect semantics.  That is to say, the
> > allocation path for this structure allocates the rte_crypto_op and
> additional
> > memory for the sym array contiguously, which the sym[0] syntax
> correctly
> > interprets to mean the storage for the array is inline with the structure.
> > Changing to a pointer means you are using the first elements of the array
> > storage as your pointer, which could be filled with any old value, leading
> to
> > corruption.
> >
> > If you can't use zero length array semantics (which I assume you cant, as I
> > don't think clang supports that), a better soution might be to remove the
> sym
> > variable entirely, and replace it with a macro that access the sym array as
> an
> > offset from the start of the pointer.  That would seem to be an ABI
> change, but
> > if you went through that process you would wind up with the same sized
> struct,
> > which would be nice
> >
> > Neil
> >
> 
> ISO C forbids zero-size arrays, but ISO C99 allows flexible arrays.
> Why is this symbole within a union? Why not remove the union, change
> sym[0] to sym[]?

It is a union because there were going to be other types of crypto operations (might still happen in the future).
For instance:

union{
	struct rte_crypto_sym_op sym[0];
	struct rte_crypto_asym_op asym[0];
}

Thanks,
Pablo
> 
> --
> Gaëtan Rivet
> 6WIND

[PATCH v2 1/3] security: fix device operation type

[Nelio Laranjeiro]

Device operation pointers should be constant to avoid any modification
while it is in use.

Fixes: c261d1431bd8 ("security: introduce security API and framework")
Cc: akhil.goyal@nxp.com
Cc: stable@dpdk.org

Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
---
 lib/librte_security/rte_security.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
index aa3a471a3..679c0a696 100644
--- a/lib/librte_security/rte_security.h
+++ b/lib/librte_security/rte_security.h
@@ -94,7 +94,7 @@ enum rte_security_ipsec_tunnel_type {
 struct rte_security_ctx {
 	void *device;
 	/**< Crypto/ethernet device attached */
-	struct rte_security_ops *ops;
+	const struct rte_security_ops *ops;
 	/**< Pointer to security ops for the device */
 	uint16_t sess_cnt;
 	/**< Number of sessions attached to this context */
-- 
2.11.0

[PATCH v2 2/3] crypto: fix pedantic compilation errors

[Nelio Laranjeiro]

 /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28: error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
   struct rte_crypto_sym_op sym[0];
                            ^~~
Zero-size array is an extension to the language it cannot be replaced by a
empty size array i.e. [] because structure is inside an union.

Fixes: d2a4223c4c6d ("cryptodev: do not store pointer to op specific params")
Cc: pablo.de.lara.guarch@intel.com
Cc: stable@dpdk.org

Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>

---

Changes in v2:

replace RTE_STD_C11 by __extension__
---
 lib/librte_cryptodev/rte_crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_cryptodev/rte_crypto.h b/lib/librte_cryptodev/rte_crypto.h
index 3d672fe7d..6f0b29732 100644
--- a/lib/librte_cryptodev/rte_crypto.h
+++ b/lib/librte_cryptodev/rte_crypto.h
@@ -121,7 +121,7 @@ struct rte_crypto_op {
 	rte_iova_t phys_addr;
 	/**< physical address of crypto operation */
 
-	RTE_STD_C11
+	__extension__
 	union {
 		struct rte_crypto_sym_op sym[0];
 		/**< Symmetric operation parameters */
-- 
2.11.0

[PATCH v2 3/3] security: fix pedantic compilation

[Nelio Laranjeiro]

 /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_security.h:229:8: error: struct has no members [-Werror=pedantic]
  struct rte_security_macsec_xform {
         ^~~~~~~~~~~~~~~~~~~~~~~~~
 /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_security.h:453:3: error: struct has no members [-Werror=pedantic]
    struct {
    ^~~~~~

Fixes: c261d1431bd8 ("security: introduce security API and framework")
Cc: akhil.goyal@nxp.com
Cc: stable@dpdk.org

Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
---
 lib/librte_security/rte_security.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
index 679c0a696..bcce7a189 100644
--- a/lib/librte_security/rte_security.h
+++ b/lib/librte_security/rte_security.h
@@ -228,6 +228,7 @@ struct rte_security_ipsec_xform {
  */
 struct rte_security_macsec_xform {
 	/** To be Filled */
+	int dummy;
 };
 
 /**
@@ -471,6 +472,7 @@ struct rte_security_capability {
 		/**< IPsec capability */
 		struct {
 			/* To be Filled */
+			int dummy;
 		} macsec;
 		/**< MACsec capability */
 	};
-- 
2.11.0

Re: [PATCH v2 1/3] security: fix device operation type

[Akhil Goyal]

Hi Nelio,
On 11/23/2017 3:32 PM, Nelio Laranjeiro wrote:
> Device operation pointers should be constant to avoid any modification
> while it is in use.
> 
> Fixes: c261d1431bd8 ("security: introduce security API and framework")
> Cc: akhil.goyal@nxp.com
> Cc: stable@dpdk.org
> 
> Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
> ---
>   lib/librte_security/rte_security.h | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> index aa3a471a3..679c0a696 100644
> --- a/lib/librte_security/rte_security.h
> +++ b/lib/librte_security/rte_security.h
> @@ -94,7 +94,7 @@ enum rte_security_ipsec_tunnel_type {
>   struct rte_security_ctx {
>   	void *device;
>   	/**< Crypto/ethernet device attached */
> -	struct rte_security_ops *ops;
> +	const struct rte_security_ops *ops;
Do we require this change for crypto ops as well.
>   	/**< Pointer to security ops for the device */
>   	uint16_t sess_cnt;
>   	/**< Number of sessions attached to this context */
> 

Re: [PATCH v2 3/3] security: fix pedantic compilation

[Akhil Goyal]

Acked-by: Akhil Goyal <akhil.goyal@nxp.com

Re: [PATCH v2 1/3] security: fix device operation type

[Nelio Laranjeiro]

On Fri, Nov 24, 2017 at 03:03:52PM +0530, Akhil Goyal wrote:
> Hi Nelio,
> On 11/23/2017 3:32 PM, Nelio Laranjeiro wrote:
> > Device operation pointers should be constant to avoid any modification
> > while it is in use.
> > 
> > Fixes: c261d1431bd8 ("security: introduce security API and framework")
> > Cc: akhil.goyal@nxp.com
> > Cc: stable@dpdk.org
> > 
> > Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
> > ---
> >   lib/librte_security/rte_security.h | 2 +-
> >   1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h
> > index aa3a471a3..679c0a696 100644
> > --- a/lib/librte_security/rte_security.h
> > +++ b/lib/librte_security/rte_security.h
> > @@ -94,7 +94,7 @@ enum rte_security_ipsec_tunnel_type {
> >   struct rte_security_ctx {
> >   	void *device;
> >   	/**< Crypto/ethernet device attached */
> > -	struct rte_security_ops *ops;
> > +	const struct rte_security_ops *ops;
> Do we require this change for crypto ops as well.

Yes, only drivers should be able to change modify this pointer.

> >   	/**< Pointer to security ops for the device */
> >   	uint16_t sess_cnt;
> >   	/**< Number of sessions attached to this context */
> > 
 
Thanks,

-- 
Nélio Laranjeiro
6WIND

Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> Sent: Thursday, November 23, 2017 10:03 AM
> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> <declan.doherty@intel.com>
> Cc: dev@dpdk.org; Gaetan Rivet <gaetan.rivet@6wind.com>; De Lara
> Guarch, Pablo <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
> Subject: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> 

...

> --- a/lib/librte_cryptodev/rte_crypto.h
> +++ b/lib/librte_cryptodev/rte_crypto.h
> @@ -121,7 +121,7 @@ struct rte_crypto_op {
>  	rte_iova_t phys_addr;
>  	/**< physical address of crypto operation */
> 
> -	RTE_STD_C11
> +	__extension__

Hi Nelio,

Since RTE_STD_C11 is basically __extension__ when __STDC_VERSION__ is not defined,
Is this forcing __extension__ to be used no matter what? (even if C11 is not supported).

Thanks,
Pablo

Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors

[Nelio Laranjeiro]

Hi Pablo,

On Mon, Dec 11, 2017 at 11:49:39AM +0000, De Lara Guarch, Pablo wrote:
> 
> 
> > -----Original Message-----
> > From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> > Sent: Thursday, November 23, 2017 10:03 AM
> > To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> > <declan.doherty@intel.com>
> > Cc: dev@dpdk.org; Gaetan Rivet <gaetan.rivet@6wind.com>; De Lara
> > Guarch, Pablo <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
> > Subject: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> > 
> 
> ...
> 
> > --- a/lib/librte_cryptodev/rte_crypto.h
> > +++ b/lib/librte_cryptodev/rte_crypto.h
> > @@ -121,7 +121,7 @@ struct rte_crypto_op {
> >  	rte_iova_t phys_addr;
> >  	/**< physical address of crypto operation */
> > 
> > -	RTE_STD_C11
> > +	__extension__
> 
> Hi Nelio,
> 
> Since RTE_STD_C11 is basically __extension__ when __STDC_VERSION__ is not defined,
> Is this forcing __extension__ to be used no matter what? (even if C11 is not supported).

Yes

Thanks,

-- 
Nélio Laranjeiro
6WIND

Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> Sent: Monday, December 11, 2017 12:43 PM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Cc: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> <declan.doherty@intel.com>; dev@dpdk.org; Gaetan Rivet
> <gaetan.rivet@6wind.com>; stable@dpdk.org
> Subject: Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> 
> Hi Pablo,
> 
> On Mon, Dec 11, 2017 at 11:49:39AM +0000, De Lara Guarch, Pablo wrote:
> >
> >
> > > -----Original Message-----
> > > From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> > > Sent: Thursday, November 23, 2017 10:03 AM
> > > To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> > > <declan.doherty@intel.com>
> > > Cc: dev@dpdk.org; Gaetan Rivet <gaetan.rivet@6wind.com>; De Lara
> > > Guarch, Pablo <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
> > > Subject: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> > >
> >
> > ...
> >
> > > --- a/lib/librte_cryptodev/rte_crypto.h
> > > +++ b/lib/librte_cryptodev/rte_crypto.h
> > > @@ -121,7 +121,7 @@ struct rte_crypto_op {
> > >  	rte_iova_t phys_addr;
> > >  	/**< physical address of crypto operation */
> > >
> > > -	RTE_STD_C11
> > > +	__extension__
> >
> > Hi Nelio,
> >
> > Since RTE_STD_C11 is basically __extension__ when __STDC_VERSION__
> is
> > not defined, Is this forcing __extension__ to be used no matter what?
> (even if C11 is not supported).
> 
> Yes
> 

Right, and are we sure that this is OK? If C11 is supported, do we still want extension?

Thanks,
Pablo

> Thanks,
> 
> --
> Nélio Laranjeiro
> 6WIND

Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors

[Nelio Laranjeiro]

On Mon, Dec 11, 2017 at 01:54:22PM +0000, De Lara Guarch, Pablo wrote:
> 
> 
> > -----Original Message-----
> > From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> > Sent: Monday, December 11, 2017 12:43 PM
> > To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> > Cc: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> > <declan.doherty@intel.com>; dev@dpdk.org; Gaetan Rivet
> > <gaetan.rivet@6wind.com>; stable@dpdk.org
> > Subject: Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> > 
> > Hi Pablo,
> > 
> > On Mon, Dec 11, 2017 at 11:49:39AM +0000, De Lara Guarch, Pablo wrote:
> > >
> > >
> > > > -----Original Message-----
> > > > From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> > > > Sent: Thursday, November 23, 2017 10:03 AM
> > > > To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> > > > <declan.doherty@intel.com>
> > > > Cc: dev@dpdk.org; Gaetan Rivet <gaetan.rivet@6wind.com>; De Lara
> > > > Guarch, Pablo <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
> > > > Subject: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> > > >
> > >
> > > ...
> > >
> > > > --- a/lib/librte_cryptodev/rte_crypto.h
> > > > +++ b/lib/librte_cryptodev/rte_crypto.h
> > > > @@ -121,7 +121,7 @@ struct rte_crypto_op {
> > > >  	rte_iova_t phys_addr;
> > > >  	/**< physical address of crypto operation */
> > > >
> > > > -	RTE_STD_C11
> > > > +	__extension__
> > >
> > > Hi Nelio,
> > >
> > > Since RTE_STD_C11 is basically __extension__ when __STDC_VERSION__
> > is
> > > not defined, Is this forcing __extension__ to be used no matter what?
> > (even if C11 is not supported).
> > 
> > Yes
> > 
> 
> Right, and are we sure that this is OK? If C11 is supported, do we
> still want extension?

Having an array with an empty size inside a union does not make part of
any standard, it is an extension of the language.

Regards,

-- 
Nélio Laranjeiro
6WIND

Re: [dpdk-stable] [PATCH v2 1/3] security: fix device operation type

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: stable [mailto:stable-bounces@dpdk.org] On Behalf Of Nelio
> Laranjeiro
> Sent: Friday, November 24, 2017 12:07 PM
> To: Akhil Goyal <akhil.goyal@nxp.com>
> Cc: Doherty, Declan <declan.doherty@intel.com>; dev@dpdk.org; Gaetan
> Rivet <gaetan.rivet@6wind.com>; stable@dpdk.org
> Subject: Re: [dpdk-stable] [PATCH v2 1/3] security: fix device operation type
> 
> On Fri, Nov 24, 2017 at 03:03:52PM +0530, Akhil Goyal wrote:
> > Hi Nelio,
> > On 11/23/2017 3:32 PM, Nelio Laranjeiro wrote:
> > > Device operation pointers should be constant to avoid any
> > > modification while it is in use.
> > >
> > > Fixes: c261d1431bd8 ("security: introduce security API and
> > > framework")
> > > Cc: akhil.goyal@nxp.com
> > > Cc: stable@dpdk.org
> > >
> > > Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>

Akhil, do you agree with the change? I am waiting for an ack here to integrate this patch with the rest of the patchset.

Thanks,
Pablo

Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Nelio Laranjeiro
> Sent: Monday, December 11, 2017 2:16 PM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Cc: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> <declan.doherty@intel.com>; dev@dpdk.org; Gaetan Rivet
> <gaetan.rivet@6wind.com>; stable@dpdk.org
> Subject: Re: [dpdk-dev] [PATCH v2 2/3] crypto: fix pedantic compilation
> errors
> 
> On Mon, Dec 11, 2017 at 01:54:22PM +0000, De Lara Guarch, Pablo wrote:
> >
> >
> > > -----Original Message-----
> > > From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> > > Sent: Monday, December 11, 2017 12:43 PM
> > > To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> > > Cc: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> > > <declan.doherty@intel.com>; dev@dpdk.org; Gaetan Rivet
> > > <gaetan.rivet@6wind.com>; stable@dpdk.org
> > > Subject: Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> > >
> > > Hi Pablo,
> > >
> > > On Mon, Dec 11, 2017 at 11:49:39AM +0000, De Lara Guarch, Pablo
> wrote:
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> > > > > Sent: Thursday, November 23, 2017 10:03 AM
> > > > > To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> > > > > <declan.doherty@intel.com>
> > > > > Cc: dev@dpdk.org; Gaetan Rivet <gaetan.rivet@6wind.com>; De
> Lara
> > > > > Guarch, Pablo <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
> > > > > Subject: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> > > > >
> > > >
> > > > ...
> > > >
> > > > > --- a/lib/librte_cryptodev/rte_crypto.h
> > > > > +++ b/lib/librte_cryptodev/rte_crypto.h
> > > > > @@ -121,7 +121,7 @@ struct rte_crypto_op {
> > > > >  	rte_iova_t phys_addr;
> > > > >  	/**< physical address of crypto operation */
> > > > >
> > > > > -	RTE_STD_C11
> > > > > +	__extension__
> > > >
> > > > Hi Nelio,
> > > >
> > > > Since RTE_STD_C11 is basically __extension__ when
> __STDC_VERSION__
> > > is
> > > > not defined, Is this forcing __extension__ to be used no matter what?
> > > (even if C11 is not supported).
> > >
> > > Yes
> > >
> >
> > Right, and are we sure that this is OK? If C11 is supported, do we
> > still want extension?
> 
> Having an array with an empty size inside a union does not make part of
> any standard, it is an extension of the language.

If no other objections from the community:

Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>#

> 
> Regards,
> 
> --
> Nélio Laranjeiro
> 6WIND

Re: [dpdk-stable] [PATCH v2 1/3] security: fix device operation type

[Akhil Goyal]

On 1/8/2018 3:28 PM, De Lara Guarch, Pablo wrote:
> 
> 
>> -----Original Message-----
>> From: stable [mailto:stable-bounces@dpdk.org] On Behalf Of Nelio
>> Laranjeiro
>> Sent: Friday, November 24, 2017 12:07 PM
>> To: Akhil Goyal <akhil.goyal@nxp.com>
>> Cc: Doherty, Declan <declan.doherty@intel.com>; dev@dpdk.org; Gaetan
>> Rivet <gaetan.rivet@6wind.com>; stable@dpdk.org
>> Subject: Re: [dpdk-stable] [PATCH v2 1/3] security: fix device operation type
>>
>> On Fri, Nov 24, 2017 at 03:03:52PM +0530, Akhil Goyal wrote:
>>> Hi Nelio,
>>> On 11/23/2017 3:32 PM, Nelio Laranjeiro wrote:
>>>> Device operation pointers should be constant to avoid any
>>>> modification while it is in use.
>>>>
>>>> Fixes: c261d1431bd8 ("security: introduce security API and
>>>> framework")
>>>> Cc: akhil.goyal@nxp.com
>>>> Cc: stable@dpdk.org
>>>>
>>>> Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
> 
> Akhil, do you agree with the change? I am waiting for an ack here to integrate this patch with the rest of the patchset.
> 
> Thanks,
> Pablo
> 
> 
Yes I agree to this change.
Just suggesting this change for crypto ops as well.

Acked-by: Akhil Goyal <akhil.goyal@nxp.com

Re: [dpdk-stable] [PATCH v2 1/3] security: fix device operation type

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: stable [mailto:stable-bounces@dpdk.org] On Behalf Of Nelio
> Laranjeiro
> Sent: Thursday, November 23, 2017 10:03 AM
> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> <declan.doherty@intel.com>
> Cc: dev@dpdk.org; Gaetan Rivet <gaetan.rivet@6wind.com>;
> stable@dpdk.org
> Subject: [dpdk-stable] [PATCH v2 1/3] security: fix device operation type
> 
> Device operation pointers should be constant to avoid any modification
> while it is in use.
> 
> Fixes: c261d1431bd8 ("security: introduce security API and framework")
> Cc: akhil.goyal@nxp.com
> Cc: stable@dpdk.org
> 
> Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo

Re: [PATCH v2 2/3] crypto: fix pedantic compilation errors

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: Nelio Laranjeiro [mailto:nelio.laranjeiro@6wind.com]
> Sent: Thursday, November 23, 2017 10:03 AM
> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> <declan.doherty@intel.com>
> Cc: dev@dpdk.org; Gaetan Rivet <gaetan.rivet@6wind.com>; De Lara
> Guarch, Pablo <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
> Subject: [PATCH v2 2/3] crypto: fix pedantic compilation errors
> 
>  /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28:
> error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
>    struct rte_crypto_sym_op sym[0];
>                             ^~~
> Zero-size array is an extension to the language it cannot be replaced by a
> empty size array i.e. [] because structure is inside an union.
> 
> Fixes: d2a4223c4c6d ("cryptodev: do not store pointer to op specific
> params")
> Cc: pablo.de.lara.guarch@intel.com
> Cc: stable@dpdk.org
> 
> Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo

Re: [dpdk-stable] [PATCH v2 3/3] security: fix pedantic compilation

[De Lara Guarch, Pablo]

> -----Original Message-----
> From: stable [mailto:stable-bounces@dpdk.org] On Behalf Of Nelio
> Laranjeiro
> Sent: Thursday, November 23, 2017 10:03 AM
> To: Akhil Goyal <akhil.goyal@nxp.com>; Doherty, Declan
> <declan.doherty@intel.com>
> Cc: dev@dpdk.org; Gaetan Rivet <gaetan.rivet@6wind.com>;
> stable@dpdk.org
> Subject: [dpdk-stable] [PATCH v2 3/3] security: fix pedantic compilation
> 
>  /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_security.h:229:8:
> error: struct has no members [-Werror=pedantic]
>   struct rte_security_macsec_xform {
>          ^~~~~~~~~~~~~~~~~~~~~~~~~
>  /root/dpdk/x86_64-native-linuxapp-gcc/include/rte_security.h:453:3:
> error: struct has no members [-Werror=pedantic]
>     struct {
>     ^~~~~~
> 
> Fixes: c261d1431bd8 ("security: introduce security API and framework")
> Cc: akhil.goyal@nxp.com
> Cc: stable@dpdk.org
> 
> Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo